The clock is ticking down to the General Data Protection Regulation (GDPR), and most businesses are scrambling to ensure that they are prepared for its implementation on the 25th May. Organisations are being peppered with advice from all directions on how to prepare for the upcoming regulation and avoid the fine of €20 million, or 4 per cent of their annual turnover. Each team within an organisation needs to ensure that they are taking the right steps to prepare. For example, many Security and IT teams are working overtime to ensure that defences are heightened to protect against a potential data breach; CFOs are drawing up financial plans to ensure the business would be able to survive the maximum fine; and legal teams are hard at work guaranteeing compliance with the demanding requirements.
However, compared to the GDPR there seems to be little to no noise and attention to its quiet cousin: The Networks and Information Systems (NIS) Directive. This is surprising, as the NIS Directive comes into play two weeks before the GDPR, on the 9th May, and organisations found to be non-compliant will face a similar fine of between €10 million and €20 million, or 2-4 per cent of…
