Observability-based automation supports the NIS2 cybersecurity directive, explains Ben Todd, RVP Security Solutions, EMEA, Dynatrace, in a guest article.
Legislation such as the GDPR and, more recently, the NIS2 directive is designed to improve data protection and cybersecurity in the European Union. NIS2 is the EU’s most comprehensive cybersecurity directive to date, and is an update to regulations introduced in 2016. It aims to enforce stricter requirements for risk management and cybersecurity incident reporting across a wider range of industries, with significantly tougher penalties for non-compliance. NIS2 must be implemented into national law by October 17, 2024. With typical compliance processes taking approximately twelve months, there is no time to lose.
Enormous challenge for companies
As technologies become more intelligent and powerful, the methods used by attackers are also becoming more sophisticated. NIS2 is intended to ensure that companies are better protected against the flood of advanced cyber attacks. However, the stringent requirements are a huge challenge, especially for those sectors and organizations that have not previously had to comply with such strict regulations.
For example, NIS2 sets very tight deadlines for reporting cybersecurity incidents. Organizations are required to submit an early warning of a cybersecurity incident within 24 hours and a more detailed report within 72 hours. This must contain an initial assessment of the incident with information on the severity, impact and indicators of compromise. After one month, a final report must be submitted, so that lessons can be learned from previous incidents.
These requirements underline that it is no longer enough for an organization to be able to demonstrate that it can be audited if necessary. Organizations must be able to investigate and respond to security incidents quickly and effectively. These deadlines are almost impossible to meet if security teams do not have the right tools.
NIS2 will exacerbate skills shortage
All too often, when organizations are faced with new security and compliance requirements, their first reaction is to solve the problem with more staff. While it is important to have the right expertise within the organization to achieve and maintain compliance, more staff is not a long-term or sustainable solution, as there are simply not enough security specialists. NIS2 will further exacerbate the skills shortage as a large number of organizations will be affected. The organizations that can afford to hire large security teams will secure all the skills available in the market before others get a chance.
The complexity of multi-cloud environments and cloud-native delivery practices presents another challenge to NIS2 compliance, as it has dramatically changed the way security teams approach cybersecurity. Software development is now continuous, with more releases and shorter testing cycles for security teams. As a result, teams are more likely to miss vulnerabilities.
To meet the requirements of NIS2 and enable robust vulnerability and incident management, security analysis and reporting processes must be optimized and automated. It is impossible to achieve the level of detail and accuracy in cybersecurity incidents required by NIS2 within the specified timeframe through manual approaches. Organizations need real-time data on their security posture and end-to-end visibility into their hybrid multi-cloud environment.
This can only be achieved by combining security and observability data and automating runtime vulnerability analysis to gain insights into the severity and impact of security incidents. With these insights, teams can immediately assess the urgency of vulnerabilities and determine which systems were affected during an incident – an important prerequisite for early warning reports. They also gain insight into how to prioritize and resolve issues, allowing them to act quickly.
Going beyond compliance
Instead of just focusing on detecting and reporting problems, organizations should try to prevent these problems from occurring in the first place. This means making security a critical component of the software development lifecycle. Many organizations would claim that they already implement this approach, but most do so manually and without end-to-end visibility, which limits effectiveness. For example, security and development teams need to work together to ensure that software is not passed through the pipeline at early stages of development unless both teams are confident that it is secure.
Automated quality and security checks are a good way to avoid manual work in this process. By combining these features with observability data, vulnerabilities or bugs can be detected automatically so that developers can fix them before the code goes to the next stage of deployment.
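The idea running through the last two sections is that a scanner finding on its own says little about urgency; it is the runtime context from observability (is the vulnerable library actually loaded, by which services, and are those services internet-facing or handling sensitive data) that tells a team which systems are affected and whether a pipeline stage should be blocked. The script below is an added example written for this article, not Dynatrace code or product logic: the scoring weights, the service and package names, and the `CVE-PLACEHOLDER-*` identifiers are all constructed for illustration.

```python
"""
Added example (not the article's or vendor's code): combine scanner
findings with runtime observability data to (1) compute a runtime-adjusted
urgency per finding, (2) list the services actually affected, and
(3) decide whether a deployment stage may proceed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    cve: str        # placeholder identifier, constructed for this example
    package: str    # vulnerable library reported by the scanner
    cvss: float     # CVSS base score, 0.0 to 10.0


@dataclass(frozen=True)
class RuntimeContext:
    """What observability tells us about one running service (constructed)."""
    service: str
    loaded_packages: frozenset       # libraries observed loaded at runtime
    internet_exposed: bool           # receives traffic from the public internet
    handles_sensitive_data: bool     # processes personal or payment data


# Assumed weighting (an assumption for this example, not a standard):
# a library that is merely present in the image but never loaded scores 0;
# loaded contributes 5 points, exposure 3 points, sensitive data 2 points,
# and the finding's CVSS score is scaled by points/10.
POINTS_LOADED, POINTS_EXPOSED, POINTS_SENSITIVE = 5, 3, 2


def urgency(finding: Finding, ctx: RuntimeContext) -> float:
    """Runtime-adjusted urgency of one finding for one service."""
    if finding.package not in ctx.loaded_packages:
        return 0.0
    points = POINTS_LOADED
    if ctx.internet_exposed:
        points += POINTS_EXPOSED
    if ctx.handles_sensitive_data:
        points += POINTS_SENSITIVE
    return round(finding.cvss * points / 10, 1)


def prioritize(findings, contexts):
    """Rank findings by their highest urgency across services, listing
    the affected services (the 'which systems' question in an early warning)."""
    rows = []
    for f in findings:
        per_service = [(c.service, urgency(f, c)) for c in contexts
                       if f.package in c.loaded_packages]
        rows.append({
            "cve": f.cve,
            "package": f.package,
            "urgency": max((u for _, u in per_service), default=0.0),
            "affected": [s for s, _ in per_service],
        })
    rows.sort(key=lambda r: r["urgency"], reverse=True)
    return rows


def gate(rows, threshold: float = 7.0):
    """Pipeline gate: block promotion if any finding meets the threshold."""
    blocking = [r["cve"] for r in rows if r["urgency"] >= threshold]
    return {"allow": not blocking, "blocking": blocking}


# Constructed sample input: three scanner findings and two observed services.
FINDINGS = [
    Finding("CVE-PLACEHOLDER-1", "libfoo", 9.8),
    Finding("CVE-PLACEHOLDER-2", "libbar", 6.5),
    Finding("CVE-PLACEHOLDER-3", "libbaz", 8.0),   # shipped but never loaded
]
CONTEXTS = [
    RuntimeContext("checkout-api", frozenset({"libfoo", "libbar"}), True, True),
    RuntimeContext("batch-worker", frozenset({"libbar"}), False, False),
]

if __name__ == "__main__":
    ranked = prioritize(FINDINGS, CONTEXTS)
    for r in ranked:
        print(f'{r["cve"]:<20} {r["package"]:<8} urgency={r["urgency"]:<4} '
              f'affected={r["affected"]}')
    print(gate(ranked))
```

Run stand-alone, the script ranks the 9.8 finding on the internet-facing checkout service first and blocks the stage on it, gives the 6.5 finding a lower urgency with both affected services listed, and drops the 8.0 finding to zero because observability never saw that library loaded. The point for a reviewer is that the gate decision and the affected-service list are derived from the same merged data, so the report fields the text asks for (severity, impact, affected systems) fall out of the automation rather than a manual investigation.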
The deadline for NIS2 is fast approaching, so now is the time for organizations to act and ensure they have the visibility they need to be adequately prepared for compliance requirements.
Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM.
Contact via mail: firstname.lastname@example.org