NIS2 and other directives on the doorstep, plus cybercriminals in a gold rush and, to top it all off, massively tuned by AI & automation! What now?
The most efficient attack vectors have already been spied out while you are reading this article and are continuously updated by cyber criminals, as well as corresponding investments made to make the attacks more targeted, coordinated, obfuscating and multi-layered.
This is another reason why, in addition to the German government with its cyber security agenda, the EU is now also taking action with new directives - binding as a basic level - and the obligation of European governments to implement them in national law, in order to significantly increase the security level of potential attack targets.
New regulations - in addition to GDPR & Cyber Resilience Act - with significantly increasing requirements such as the EU-NIS2 directive, which is now expected to force over 45,000 companies to act instead of 4,500 in Germany alone, will massively increase the pressure to implement.
At the same time, insurers are less and less likely to cover cybercrime claims - even if an IT security policy has been taken out - if so-called standard requirements defined by the BSI are not met.
From the government's point of view, cyber security should become much more binding and any remaining gaps in the defence chain should be closed as far as possible within a few months.
The onus of collecting the information as well as the obligatory compliance also lies with NIS2 - as with almost all other regulations -, with the companies themselves.
As a member of the German Council of Economic Advisors and the Federal Working Group on Cybersecurity, SonicWall is active in an advisory capacity on drafts for the implementation of directives - such as NIS in national law - from the perspective of the business community, with the aim of providing technical support to politicians before they are finally passed as NIS2UmsuCG, presumably after the parliamentary summer recess.
Thus, we can provide you with first-hand background information and support you in meeting the challenge of the increased security requirements step by step.
Agenda of the workshop:
> Current attack patterns & routes of cyber criminals.
> Specific attack variants on large companies, KRITIS, retail, education, healthcare
> Risk assessment for small and medium-sized enterprises
> Expected standard requirements cybersecurity insurances
> DSGVO, NIS2, & current subsidies you should know about
> the 3 most important security priorities in 2023
NIS2
> Review of the status quo
-->What should generally be considered when creating a cybersecurity architecture?
-->Who is affected by the new regulation on NIS2, who is part of the chain?
-->Who is responsible and what are the consequences?
--> Identifying the measures
-->What can you do already now?
--> Who can help you meet the challenges?
Overview Security focal points:
> Multi-platform security and implementation through a holistic security ecosystem.
> Securing unknown & encrypted threats
> AI Threat Detection, Virtual Patching
> Non-standard port & HTTPS & IoT attacks
> Network Micro-Segmentation
> Comparison of TLS 1.2 vs. TLS 1.3 Security Standards & Current SSL Re-Negotiation Attacks
> LOG4Shell, LotL and other malware trends, malicious executables, microprocessor malware
> Case study on the integration of security into a Smart City / IoT architecture.
Q&A: Which questions may we answer?
