Security
• Reduce inconsistencies in levels of resilience in sectors already covered by NIS
• Further improve information-sharing and set new rules for incident response, thereby enhancing trust between competent authorities (regulators)
It introduces a minimum set of measures to which all organisations must adhere, including:
• Risk management and information security policies
• Incident management for prevention, detection and response to cyber incidents
• Business continuity and crisis management
• Supply chain security
• Testing and auditing of security measures
• Strong encryption
All in all, more than 100,000 organisations will need to meet NIS2 requirements by the 18 October 2024 deadline.
UK perspective
Of course, the UK’s departure from the EU is significant here.
NIS2 will affect entities outside the EU that provide essential or important services to the European economy and society, including companies and suppliers.
Indeed, like GDPR, NIS2 will have global ramifications, as it will in some way impact all entities that provide ‘essential or important services’ to the European economy and society, both within and outside Europe.
Through this, any businesses outside the EU that fit into the specific categories listed in the directive will be expected to comply if they want to conduct business with European companies and countries.
Divergence
The UK government has made it clear that, in a post-Brexit environment, it won’t be implementing NIS2 and that cybersecurity compliance will be an area of divergence between it and the EU.
The relevant UK government department said in November 2022: “Given that the UK is no longer bound by EU legislation and will not be implementing NIS 2.0 there will be differences between the EU and the UK. The UK’s legislation is designed for the UK economy and to maximise the benefits to the UK. The UK’s approach, through outcomes focused tools such as the Cyber Assessment Framework, provides a measure of flexibility for companies.”
There was some talk last year that the UK would expand the type of in-scope digital service providers to MSPs, which would obviously have implications for the channel.
However, an update to the NIS regulations that the government promised to bring forward was dropped from the King’s Speech last year, meaning the last opportunity to update the laws before the UK general election was missed.
Eventually, UK businesses that operate both domestically and in the EU will be faced with the need to comply with two different regimes: NIS 2 and the UK’s amended NIS regulations.
www.pcr-online.biz
Challenge and opportunity
There is some uncertainty over the final destination of the UK’s divergence in the field of cybersecurity compliance obligations.
While this lack of clarity can make the situation challenging for channel partners, it also creates an opportunity for partners who are able to guide their customers and help them navigate the complexities. Partners seem ready to seize this opportunity, too.
Indeed, Westcon-Comstor carried out research earlier this year and found that the vast majority (93%) of partners across the EU and UK see NIS2 as a chance to assist end-users.
Meanwhile, 77% believe the new rules offer the potential to build recurring revenues through the provision of services and managed services.
A similarly high proportion (74%) believe NIS2 will present opportunities to drive product sales, with 51% eyeing increased revenues from education and enablement.
Nearly two thirds of partners (60%) believe NIS2 will have a major impact on end-user businesses, with around half (47%) believing that their customers are unprepared for the directive.
Awareness gap
At the same time, partners acknowledge that they themselves need to get to grips with NIS2, with only 5% rating their understanding and awareness of the directive as good.
A third (33%) said most of their customers outside the EU don’t realise they could be impacted.
Despite these misgivings over their own and their customers’ awareness levels, 65% of partners believe NIS2 will ultimately succeed in its stated aim of improving cybersecurity defences and protection across the EU. Three quarters (76%) view NIS2 as a positive development overall.
Knowledge economy
As our survey shows, partners in the UK and beyond are keen to help their customers navigate NIS2 and achieve readiness ahead of its implementation later this year.
From education and enablement to managed services, partners have an opportunity to add value by serving as a trusted advisor to their customers and demonstrating expertise.
First, however, partners are quite rightly seeking to build their own understanding so they can seize the NIS2 opportunity equipped with the information they need. Those that succeed in doing so are ideally placed to guide end-users through the UK’s changing cybersecurity compliance landscape up to October and beyond.
July/August 2024 | 27