CX Network interviewed cyber security and compliance expert Jonathan Armstrong, partner at Punter Southall Law, to find out what CX needs to know, the legal risks of non-compliance and his 10-step plan for what enterprises must do to ensure the safety of customer data under the new NIS2 rules.
CX Network: What is the EU’s Information Security Directive (NIS2) and what do businesses need to know about it?
Jonathan Armstrong: NIS2 is effectively an upgrade for EU cybersecurity law. The aim is to increase cybersecurity for critical national infrastructure but that’s now got a much wider definition, for example it covers businesses involved in things like digital infrastructure, energy, transport, banking, financial markets infrastructure health, water, public administration, ICT service management, space, postal and courier services, waste management, chemicals, food retail, manufacturing and research.
Businesses need to know about the requirements the law imposes on them and especially their obligations to report data breaches. They might also need to register too if they do business in the EU.
Continue Reading…
To continue reading the interview with Jonathan, visit: How CX is preparing for the new NIS2 cybersecurity directive.