
Managed Detection and Response Capabilities for DORA and NIS 2 Compliance


The information provided in this marketing post is for general informational purposes only and is not intended to be legal advice. Please be aware that reading or interacting with this content does not establish an attorney-client relationship between you and ReliaQuest or any of its representatives. This post is not a substitute for professional legal counsel tailored to your specific circumstances. ReliaQuest recommends that you seek personalized advice from a qualified attorney regarding any legal matters or concerns you may have. Reliance on any information provided in this post is solely at your own risk.

As the world becomes increasingly digitised, the risk of cyberattacks has grown exponentially. In response, governments are imposing requirements on organisations in critical sectors to standardise incident response processes and reporting to ensure uptime and recovery in the event of an incident. The Network and Information Security Directive (NIS 2) and the Digital Operational Resilience Act (DORA) are part of this effort.

Managed detection and response (MDR) providers can play a crucial role in helping organisations navigate the complex requirements of DORA and NIS 2. By leveraging advanced tools and expertise, MDRs can scale an organisation’s threat detection, investigation, and response (TDIR) processes and enhance its resilience and operational continuity in the face of cyber incidents.


What Is the Network and Information Security Directive (NIS 2)?

The NIS 2 Directive is an expansion of cybersecurity rules that apply to members of the European Union. The first set of rules was introduced in 2016. This most recent iteration modernises the legal framework to reflect growth in digitisation and evolving cybersecurity threats.

The NIS 2 Directive aims to improve cybersecurity across the EU by:

When Does NIS 2 Go into Effect?

NIS 2 goes into effect on 17 October 2024.

Please note that NIS 2 is an EU Directive, which will be adopted and enforced through the national laws of each member state (e.g., Germany’s KRITIS-Dachgesetz, Austria’s NIS-Gesetz, etc.). While meeting the deadline remains uncertain for some states, many are on track, and countries like Belgium have already adopted the law and are ready for 17 October 2024. If your organisation operates across borders, you may encounter overlapping jurisdictions.

Who Does NIS 2 Apply To?

Sectors of High Criticality
- Energy
- Financial Market Infrastructures
- Waste Water
- Public Administration
- Transport
- Health
- Digital Infrastructure
- Banking
- Drinking Water
- ICT Service Management (B2B)
- Space

Other Critical Sectors
- Postal and Courier Services
- Production, Processing and Distribution of Food
- Waste Management
- Manufacturing
- Research
- Manufacture, Production, and Distribution of Chemicals
- Digital Providers

What Are the Key Requirements of the NIS 2 Directive?

Minimum requirements include:

In the event of an incident, the affected organisation has 24 hours from the time it becomes aware of the incident to submit an initial report. Full notification is expected within 72 hours, and a final report is required no later than one month after the initial incident.


What Is the Digital Operational Resilience Act (DORA)?

The Digital Operational Resilience Act (DORA) requires financial institutions to secure their information and communication technology (ICT) using a specific set of guidelines. Ultimately, the goal of DORA is to ensure the resilience and recovery of financial institutions in the EU in the face of severe operational disruption.

Note that DORA’s provisions related to ICT risk management and reporting, digital operational resilience testing, information sharing, and third-party risk vary from those outlined in NIS 2.

When Does DORA Go into Effect?

DORA goes into effect on 17 January 2025.

Who Does DORA Apply To?

Financial entities such as banks, insurance companies, and investment firms.

What Are the Key Requirements of DORA?

DORA mandates that financial organisations adopt systems, protocols, and tools that reliably support the entity’s data and business functions detailed in the risk management framework.


How ReliaQuest Can Help

The ReliaQuest GreyMatter security operations platform has capabilities that can help organisations build towards DORA and NIS 2 requirements. In addition to comprehensive threat detection, investigation, and response (TDIR), GreyMatter provides security program measurement and benchmarking via its Model Index.

| Regulatory Requirements | How GreyMatter Helps |
|---|---|
| Incident management and reporting | Unified threat detection, investigation and response (TDIR) capabilities; automated documentation of the entire process. |
| Threat intelligence | GreyMatter Intel pulls threat intelligence from custom and open threat feeds, and the ReliaQuest Threat Research team builds detailed threat actor reports to aid in building detections and during investigation. |
| Governance, risk management, and resilience | The GreyMatter Model Index provides live security performance metrics. A dedicated customer success manager helps customers uncover areas of improvement and builds roadmaps to higher maturity. |
| Early detection | Digital risk protection monitors your attack surface as well as the dark web for potential threats. GreyMatter’s detection-at-source capability shortens the time between an incident and detection. |
| Robust incident management and prevention strategies | ReliaQuest- or customer-run threat hunts allow companies to proactively locate and eliminate lurking threats. |
| Quickly detect and respond to incidents | ReliaQuest brings AI and automation to the TDIR process, shortening the mean time to resolve a security incident from hours to minutes. |

See GreyMatter in Action

Get a live demo of our security operations platform, GreyMatter, and learn how you can improve visibility, reduce complexity, and manage risk in your organisation.