What about companies that operate worldwide?
There is a lot to digest at a national and territorial level for what is required from regulations like NIS, NIS2, and all the other forms of legislation around the globe. They should still present a low-water mark for global companies that deal with cyber risks regularly. If businesses aim to meet a high standard of security, they will meet the local requirements in most cases.
Still, a degree of mapping is required to ensure that various nuances are covered, such as which local agency would need to be contacted to report a data leak.
Is regulation keeping up?
Many insurers have historically taken a risk-based approach when assessing the risk of clients. We already ask that our clients meet measures similar to those required by NIS2 within our application criteria, covering risk analysis, incident handling, cyber hygiene, etc. You can find out some of the specific things we examine for our clients to ensure we make a fair and accurate assessment across infrastructure, software, data, access and more. Writing for and protecting against this type of risk in a modern cyber security environment is no different to a property insurer expecting a door lock and a reasonable level of security within a given property.
Implementing this level of security takes time,
but Brit are here to help
A lot of effort can be required to interpret and meet the standard of information security required by the regulations of NIS2, depending on the level of cyber maturity in a specific business. We understand the need for support, and with DataSafe, our clients can enjoy access to fully confidential and unlimited CISO services to support internal CISO and IT security teams. If you are a policyholder with Brit, feel free to contact this service to find out if your business meets the necessary requirements.
Additionally, our DataSafe training platform delivers the latest risk management resources to proactively manage ever-evolving data protection and privacy risks, providing the ability to respond quickly and effectively in the event of a data breach.
If you need further support specific to your client’s needs, the cyber team have all the information on the specific help you can get from Brit.