NIS 2 at ABB

What is NIS 2?

The European Union (EU) introduced the Network and Information Security (NIS) 2 Directive in December 2022 as an update to the original EU cybersecurity rules introduced in 2016. The NIS2 Directive is legislation that modernizes the existing legal framework to keep pace with increased digitization, and an evolving cybersecurity threat landscape.

NIS2 expands the scope of EU cybersecurity rules to new sectors and entities with the goal of improving the resilience and incident response capacities of public and private entities, competent authorities, and the EU as a whole. This new directive is also a positive step for all citizens of the EU because it aims to secure the critical infrastructure that all EU citizens need and rely on.

How is ABB meeting these requirements ?

At ABB, we understand the importance of cybersecurity compliance in the digital landscape. We take a proactive approach to thoroughly analyze the impact of NIS 2 on our operations to work towards compliance. We have in place policies and procedures to evaluate the effectiveness of protection measures in information security. We also promote cybersecurity culture by cultivating basic cyber-hygiene practices, providing cybersecurity training to improve organizational preparedness, and secure management of users and accounts. Some of our other compliance measures in alignment with NIS 2 are:

• Policies on risk analysis and information system security
  • Incident Handling Procedures
  • Business Continuity Planning
  • Supply Chain Security
  • Network and Information Systems Security
  • Effectiveness of cybersecurity risk management
  • Cybersecurity Awareness across the organization