Expert audit

NIS2 GAP
analysis

Check your company's cyber security with our audit, get a realistic idea of what is required to meet the NIS2 directive.

I want to solve NIS2

Expert analysis of cyber security

NIS2 GAP analysis

Check your company's cyber security with our audit, get a realistic idea of what is required to meet the NIS2 directive.

I want to solve NIS2

SOLUTIONS

NIS2 GAP analysis

The NIS2 Directive, adopted by the European Union in 2022, expands the cybersecurity requirements for organisations in member states, including the Czech Republic. It is to be transposed into Czech legislation through an amendment to the Cybersecurity Act (ZoKB). A cybersecurity audit will provide a comprehensive overview of the current state of security, identify weaknesses and risks, provide specific recommendations for improvement and ensure compliance with NIS2. This process helps minimize risk, protect sensitive information, and increase your organization's overall security and resilience to cyber threats. The analysis is suitable for subcontractors of obligated persons under the NIS2 regulation

SOLUTIONS

NIS2 GAP analysis

The NIS2 Directive, adopted by the European Union in 2022, expands cybersecurity requirements for organisations in member states. It is to be transposed into Czech legislation through an amendment to the Act on Cybersecurity . The audit will provide an overview of the current state of security, identify weaknesses and risks, provide specific recommendations for improvement and ensure compliance with NIS2. The analysis is suitable for subcontractors of obliged persons under the NIS2 regulation

Who is affected by NIS2?

The Directive applies to organisations that provide services in the sectors listed in the Directive (e.g. energy, transport, health, digital infrastructure).

They employ 50 or more workers or have an annual turnover or balance sheet total of at least EUR 10 million.

Some of the subcontractors of the above companies.

Recommendations for companies

Conduct an analysis of the current state of cybersecurity (called a GAP analysis) to identify areas for improvement.

Implement or update information security management systems in accordance with international standards such as ISO/IEC 27001.

Provide staff training and raise awareness of cyber threats. Prepare for incident reporting and communication with NCIB.

Main requirements of the NIS2

Cybersecurity management

Identification and recording of all primary assets in the organization.

Establishing security policies and documentation.

Implementation of risk management measures, including risk assessment and mitigation.

Ensuring supply chain security.

Incident reporting

Obligation to report cyber security incidents to the National Cyber and Information Security Bureau (NCISB) within 24 hours of discovery.

Informing users of regulated services about incidents.

Security measures

Implement technical and organisational measures such as multi-factor authentication, encryption and regular data backups.

Regular employee training in cyber security.

Conducting cybersecurity audits.

Management Responsibility

The leaders in the organisation (e.g. Managing Directors, Directors) are responsible for ensuring compliance with the requirements of the Directive.

Failure to comply could result in penalties, including fines of up to €10 million or 2% of the company's global turnover

As the deadline for the implementation of the NIS2 Directive approaches, it is essential for companies in the Czech Republic to start preparations as soon as possible to ensure compliance with the new requirements and minimize the risks associated with cyber threats

The main requirements of NIS2:

Cybersecurity management

Security measures

Incident reporting

Management Responsibility

Who is affected by NIS2:

Organisations providing services in selected sectors (energy, transport, healthcare, digital infrastructure, etc.)

Selected subcontractors of the above entities

Organisations with 50 or more employees or with an annual turnover or balance sheet total of €10 million.

Selected subcontractors of the above entities

FREE CONSULTATION

Still hesitating? Contact us to find out more about NIS2.

Book an appointment for a free, no-obligation consultation with our cyber security specialist.

Book a date

Collaboration

We are here for you

The audit process is clear and efficient. We value your choice and the time you give us, so you always know exactly where you are in the process and what will follow.

FREE CONSULTATION

Still hesitating? Contact us to find out more about NIS2.

Book an appointment for a no-obligation and free consultation with our specialist.

Book a date

COLLABORATION

We are here for you

The audit process is clear and efficient. We appreciate your choice and time,

you dedicate to us, so you always know exactly what stage of the process you are at and what will follow.

Analysis

We assess the current status, security policies and procedures, evaluating their compliance with legislation and requirements.

Risk assessment

We identify and assess threats and vulnerabilities, analyse the impact and likelihood of incidents, and propose measures to reduce risks.

Security test

We test for vulnerabilities by scanning infrastructure, networks and applications. We conduct phishing campaigns.

Evaluation

We evaluate the findings and results of the tests, prepare a report on the identified weaknesses and prepare recommendations to address them.

Audit report

We will provide you with a report containing the test results, specific findings and a risk assessment. We will suggest corrective actions and next steps.

INQUIRY