Version two of the Network and Information Security Directive — otherwise known as the NIS2 Directive — is a piece of legislation that aims to strengthen the cybersecurity posture and resilience of the European Union (EU) by establishing a minimum set of cybersecurity measures and reporting requirements for EU member states to impose on their respective critical infrastructure entities and key supporting organisations.
NIS2 is intended to build upon the foundation left by its predecessor, the original NIS Directive, with an expanded scope and additional requirements developed in response to increases in the frequency and impact of cyberattacks against EU critical infrastructure entities in recent years.
NIS2 requires in-scope organisations to implement adequate cybersecurity measures to ensure the safety and resilience of their systems and networks. These measures cover areas including risk & vulnerability management, supply chain security, incident response, and secure authentication, among others. The directive also specifies how and when cyber incidents must be reported.
NIS2 was formally adopted by Parliament in November 2022 and entered into force on 16 January 2023 — leaving Member States until October 2024 to transpose its measures into national law. With limited time left to prepare, in-scope organisations require the right tools for compliance and are encouraged to seek guidance from Claroty or another trusted advisor as soon as possible.
NIS2 impacts all entities that operate in the EU, employ at least 50 people or exceed €10 million in revenue, and are deemed critical to society. The directive categorises all in-scope entities as either essential (which covers sectors such as energy, healthcare, transport, and water), or important (which covers sectors such as manufacturing, food, waste management, and postal services).
NIS2's noncompliance penalties vary based on an entity's categorisation. Essential entities will face fines up to €10 million or at least 2% of the total annual worldwide turnover in the entity's previous fiscal year (whichever is higher). Important entities will face fines up to €7 million or at least 1.4% of the total annual worldwide turnover in the entity's previous fiscal year (whichever is higher).
Claroty’s cyber-physical systems (CPS) cybersecurity portfolio both supports and simplifies NIS2 compliance by extending robust protection, monitoring, and other cyber risk management controls to all CPS — including those that underpin the essential and important services provided by EU entities deemed in-scope for NIS2. Alignment between the Claroty Portfolio and NIS2 spans two core areas of the directive's requirements: Cybersecurity Risk Management and Incident Reporting. Specifics include:
Claroty Support: Claroty discovers and assesses all assets, systems, vulnerabilities, and cyber and operational risks in CPS environments and uses this extensive visibility to automatically define and enable the enforcement of network security policies that mitigate exposure to such risks.
Claroty Support: Claroty continually monitors the entire CPS environment for the earliest indicators of known and unknown threats, contextualises all alerts to optimise response, and integrates with SIEM, SOAR, and related solutions to extend existing SOC workflows across all CPS.
Claroty Support: Claroty delivers a comprehensive, real-time inventory for all CPS, logs all asset and network changes and anomalies, defines and enables enforcement of network segmentation policies and access controls that help protect against and contain incidents, and offers ready-made integrations with backup and recovery tools — all of which help drive and improve entity-wide crisis management and continuity efforts.
Claroty Support: Claroty correlates all CPS against the latest CVEs and other weaknesses, continually assesses risk in the CPS environment, and provides secure-yet-frictionless remote access to OT for all internal and third-party users, enabling customers to effectively and efficiently assess, manage, and mitigate third-party risk across their supply chains.
Claroty Support: Just as with NIS2 requirement 4, Claroty correlates all CPS against the latest CVEs, misconfigurations, and other weaknesses in real time, continually assesses risk exposure across the entire CPS environment, and provides highly secure-yet-frictionless remote access to OT for all internal and third-party personnel, enabling customers to effectively and efficiently assess, manage, and mitigate cyber risk across their environments.
Claroty Support: Claroty offers a custom risk-scoring mechanism, the ability to simulate the impact of risk remediation measures, proactive monitoring and historical assessments to measure how respective controls impact enterprise-wide risk posture over time, and flexible reporting to simplify the communication of this information for stakeholders across disciplines.
Claroty Support: Claroty’s risk reporting and simulation include remediation recommendations that help inform cyber hygiene and training needs. Additionally, Claroty’s SRA solution enables easy enforcement of RBAC, password policies, and other cyber hygiene practices among both internal and third-party personnel.
Claroty Support: Claroty encrypts all user-, CPS-, and other system-related data in accordance with NIS2, GDPR, and other regulatory requirements. Claroty also alerts on events in which sensitive data, such as personal health information (PHI), is processed against policies or otherwise, enabling customers to preempt incidents involving potential data exposure.
Claroty Support: Claroty’s risk mitigation recommendations help inform and prioritise cyber hygiene and access control policies. Additionally, Claroty’s SRA solution enables easy enforcement of RBAC, password policies, and other cyber hygiene practices for internal and third-party personnel. Claroty’s seamless integration with CMDB, CMMS, and related solutions enables easy extension of existing asset management workflows to all CPS entity-wide.
Claroty Support: Claroty SRA offers Zero Trust-based access controls including granular RBAC and MFA for all internal and third-party OT personnel, as well as secure remote and onsite access to all CPS within OT environments with the added peace of mind of high availability, an OT purpose-built UX, and full recordings to support audits, forensics, and related use cases.
Claroty Support: Claroty continuously monitors the entire CPS environment, enabling rapid detection of the earliest indicators of potential incidents. All events related to the same incident are bundled into a single, fully contextualised alert with all relevant details. These details typically include the incident’s IoCs, root-cause analysis, involved assets, exploited vulnerabilities, their severity, and their risk to the environment, mitigation recommendations, logs, and more — all of which support impact assessments and can be easily shared with relevant authorities to satisfy this requirement.
Claroty xDome is a flexible SaaS platform purpose-built for all use cases & types of CPS on the entire industrial cybersecurity journey.
Medigate by Claroty is a SaaS-based healthcare cybersecurity platform that safeguards the connected devices that underpin patient care.
Claroty Secure Remote Access (SRA) delivers frictionless, reliable, secure remote access for internal and third-party OT personnel.
Claroty Continuous Threat Detection (CTD) offers robust, on-premises cybersecurity controls for industrial environments.