On 21 September 2023, ECSO hosted its second virtual discussion in its NIS2 Implementation Initiative as part of its mission to empower and inform Members in cybersecurity policy. Featuring guest experts on NIS2 compliance, the meeting facilitated the information exchange and best practice sharing for implementing the NIS2 Directive. The discussions highlighted necessary steps and procedures for achieving compliance, the importance of implementing technical and operational measures, and lastly, the call for cooperation amongst ECSO Members.

After the first successful NIS2 Implementation Initiative meeting in June, ECSO organised a second virtual discussion on 21 September 2023 to facilitate the exchange of information and best practices of NIS2 implementation among entities directly or indirectly affected by the NIS2 Directive. This time, ECSO welcomed expert speakers Mansur Abilkasimov (Deputy Global CISO & CPSO), Eloïse Ryon (Senior Manager Europe Digital Policy) and Cristina Palomo (Director of Cybersecurity Risk & Compliance) from Schneider Electric to share their experiences in preparing their company for NIS2 compliance.

Providing a comprehensive view of Schneider Electric’s NIS2 compliance strategy, the speakers shared the company’s processes to meet NIS2 requirements with the Members, providing a practical and hands-on description of necessary steps and procedures for achieving compliance. Furthermore, invaluable insights about risk management best practices were shared, providing attendees with actionable takeaways to enhance their own cybersecurity policy strategies.

To ensure strict compliance, Schneider Electric adopts a proactive approach that involves internal monitoring across European countries where the company operates. This approach highlights two crucial focal points. First, organisations must distinguish between being classified as “Important” or “Essential” entities, a key determination that influences compliance requirements. Second, it is important for organisations to anticipate and stay informed about national transpositions of the NIS2 Directive, preparing for potential changes that may impact their compliance efforts.

Additionally, the discussions emphasised the critical need for implementing not only appropriate but also proportionate technical, operational, and organisational measures to effectively manage cybersecurity risks. Lastly, the speakers also extended a call for cooperation to ECSO Members. They invited fellow Members to share insights and work collaboratively to successfully implement the NIS2 directives, emphasising the importance of supporting one another in achieving compliance.

ECSO is proud to be a trusted partner of the EU institutions and to help its Members in implementing EU cybersecurity policies. By organising such informative discussion sessions, ECSO fulfils its larger mission of contributing to Europe’s digital sovereignty by aiding its Members in comprehending and navigating the ever-evolving cybersecurity legislative landscape and making sure that Europe at large remains cyber-resilient.