Statement
🛡 NIS2 Directive

NIS2 Compliance

Our commitment to compliance with the EU Directive on measures for a high common level of cybersecurity (NIS2) - for maximum security of your data and systems.

What is the NIS2 Directive?

The NIS2 Directive (EU 2022/2555) is the revised EU regulation on network and information security. It sets strict requirements for cybersecurity risk management and reporting obligations for organisations in critical sectors. As an IT service provider, we fall within the scope of this directive and implement all requirements consistently.

EU 2022/2555 — Directive on measures for a high common level of cybersecurity across the Union.

Who is affected?

The NIS2 Directive distinguishes between essential and important entities across various sectors.

🔹 Essential Entities

Energy, transport, banking, financial market infrastructure, health, drinking water, wastewater, digital infrastructure, ICT service management, public administration and space.

🔸 Important Entities

Postal and courier services, waste management, chemicals, food, manufacturing, digital providers (search engines, social networks, online marketplaces) and research organisations.

Our NIS2 Measures

INX System Solution implements the following measures in line with NIS2 requirements:

📋

Risk Management

Comprehensive security policies and regular risk assessments for all systems and services.

⚠️

Incident Handling

Structured processes for detection, response and reporting - initial notification within 24 hours, full report within 72 hours.

🔄

Business Continuity

Emergency plans, backup strategies and disaster recovery concepts for minimal downtime.

🔗

Supply Chain Security

Security assessment of all suppliers and partners, contractual security requirements throughout the supply chain.

🔒

Encryption & Access Control

End-to-end encryption, role-based access control and the principle of least privilege.

🔍

Vulnerability Management

Continuous scanning, patch management and responsible vulnerability disclosure.

🎓

Training & Awareness

Regular cybersecurity training for all employees and awareness campaigns.

🔐

Multi-Factor Authentication

MFA for all critical systems and administrative access as a standard requirement.

Technical Measures

📡

24/7 Monitoring

Round-the-clock monitoring of all systems and networks.

🛡

DDoS Protection

Multi-layered DDoS mitigation at network and application level.

🗃

Encrypted Backups

Daily encrypted backups at geographically separated locations.

📄

ISO 27001 Aligned

Processes aligned with ISO 27001 information security standard.

🕷

Penetration Testing

Regular external security audits and penetration testing.

👥

Incident Response Team

Dedicated team for immediate response to security incidents.

Compliance Timeline

Key milestones of the NIS2 Directive and our implementation:

December 2022

Publication of the NIS2 Directive (EU 2022/2555) in the Official Journal of the EU.

January 2023

Entry into force of the NIS2 Directive. Start of the 21-month transposition period for Member States.

October 2024

Deadline for national transposition by EU Member States.

2025 and beyond

Full enforcement and ongoing compliance reviews. INX System Solution is prepared.

Questions about security?

Our security team is available for questions about NIS2 compliance and our security measures.

📧 Contact security team