Hikvision Complies with the EU’s 2022 ‘Network and Information Security (NIS2) Directive’
As a global leader in the video security industry, Hikvision is committed to upholding the highest industry standards. For dealers, end-users, and regulators, it’s important to know that Hikvision complies with the European Union’s (EU’s) 2022 “Network and Information Security (NIS2) Directive.”
The NIS2 Directive was adopted in December 2022 to update and replace the first-ever EU cybersecurity legislation, NIS1, adopted in 2016. Each EU Member State now has until 17 October 2024 to transpose the NIS2 Directive into its national legislation. The NIS2 aims to strengthen the collective cybersecurity level across EU Member States by increasing and harmonizing cybersecurity enforcement requirements for critical infrastructure sectors, enhancing cooperation between cybersecurity authorities, addressing the security of supply chains, and streamlining reporting obligations.
The NIS2 Directive applies to all companies, suppliers, and organizations, including non-EU entities, that deliver essential services in the EU. Entities under the scope of the Directive will face stricter cybersecurity requirements, with the possibility of administrative fines and withdrawal of license(s) to operate if organizations do not comply. More stringent requirements mean your organization must lay out precise risk management, control, and oversight plans.
The NIS2 is to European cybersecurity what the GDPR has been for European personal data protection. Where the GDPR strengthened the requirements for how EU Member States manage personal data, the NIS2 aims to ensure that all companies and organizations considered “essential” and “important” in these countries maintain an adequate level of cybersecurity to prevent and mitigate the impacts of cyberattacks.
Compliance with NIS2 includes the following items:
- Regular risk assessment and management
- Cybersecurity training
- Security policies and procedures to manage cyber risks and incident handling
- Crisis management (business continuity, backup, recovery)
- Supply chain security (assessments)
- Security of networks and information systems (development, maintenance)
- Vulnerability handling and reporting
- Data encryption/Cryptography
Hikvision meets all of these requirements.
Beyond complying with NIS2 requirements, Hikvision adheres to internationally recognized cybersecurity standards such as ISO 27001, ISO 27701, and CSA STAR, in addition to zero-trust best practices within network and architecture. A dedicated Product Security Team extensively tests all third-party software components in our products before implementation. Hikvision is also a CVE Partner, part of the global family of companies that maintain the CVE vulnerability library.
Contact the EU team to learn more about Hikvision’s NIS2 compliance and cybersecurity practices.