{"id":25429,"date":"2023-05-22T15:35:15","date_gmt":"2023-05-22T13:35:15","guid":{"rendered":"https:\/\/stage-fp.webenv.pl\/blog\/?p=25429"},"modified":"2025-01-30T17:42:59","modified_gmt":"2025-01-30T16:42:59","slug":"nis2-european-ports-prepare-to-comply-with-new-regulations","status":"publish","type":"post","link":"https:\/\/www.future-processing.com\/blog\/nis2-european-ports-prepare-to-comply-with-new-regulations\/","title":{"rendered":"NIS2: European ports prepare to comply with new regulations"},"content":{"rendered":"\n

A revolutionary change<\/strong> is awaiting the companies that will be operating in European ports in 2024.<\/p>\n\n\n

\n
\n \n \"NIS2\u2013definition <\/a>\n <\/figure>\n \n
\n
\n \n Close picture \n <\/use>\n <\/svg> <\/button>\n
\n
\"NIS2\u2013definition <\/figure>\n <\/div>\n <\/div>\n<\/div>\n <\/div>\n\n\n\n

I have already written about NIS2 coming into effect in 2024<\/a>. It will impact hundreds of organisations. For many port-related firms, NIS2 is the first ever set of cybersecurity regulations that they will have to comply with,<\/strong> so the shift is significant, and so are the penalties for potential violations.<\/p>\n\n\n\n

Fines of up to 10 million euros (or up to 2% of global revenue, whichever is higher)<\/strong> may be imposed on violators that either refuse to comply or simply won\u2019t meet the standards on time. Judging by the amount of fines, we may conclude that securing critical infrastructure has become a top priority for the EU<\/strong> \u2014 and not only on paper or just in the mouths of smooth-talking European politicians.<\/p>\n\n\n\n


Why is this so important?<\/h2>\n\n\n\n

Critical infrastructure companies face cyber threats all the time, but it was the war in Ukraine that truly brought their vulnerabilities to light. <\/p>\n\n\n\n

And these attacks on the key links in global supply chains may disrupt operations in many essential sectors, <\/strong>such as the energy or heavy industry, which is strongly associated with the military. That\u2019s why adhering to the new rules is so important, not only from an economic perspective, but also in terms of the safety of the general population.<\/p>\n\n\n\n

This example (just one of many) illustrates the point more clearly \u2014 in late January and February 2022, major oil terminals in Europe fell victim to a ransomware attack<\/a>. Among other places, the attacks also occurred in Antwerp, which houses the second biggest port after Rotterdam. <\/p>\n\n\n\n

As a result, companies were forced to suspend their operations, and tankers crowded outside the port, unable to unload. <\/strong><\/p>\n\n\n\n

At the same time, two German oil supply companies were also attacked and, in effect, they couldn\u2019t fulfil their supply contracts.<\/strong> And who was to blame? Russian-speaking hacker groups using BlackCat ransomware<\/a>, which suggests that the attacks might have come from the top rungs of the political ladder.<\/p>\n\n\n\n


What\u2019s the big deal about the new rules?<\/h2>\n\n\n\n

The initial version of the cybersecurity regulations from 2018 \u2014 called NIS <\/strong>\u2014 mandated fewer safeguards than NIS2 and applied only to the largest critical infrastructure companies. The new rules have been expanded and will impact mid-sized companies as well. <\/strong><\/p>\n\n\n\n

Plus, they will also apply to sectors that didn\u2019t fall under the previous law (for example, technology providers).<\/p>\n\n\n\n

We can expect that the NIS2 Directive<\/strong> will probably require firms to take the appropriate measures necessary to prevent cyberattacks, and respond to any emerging threats.<\/p>\n\n\n\n

This includes:<\/p>\n\n\n\n