Article | REF: H5345 V1

NIS2 and ISO/IEC 27001 - Towards a cyber resilience of the European Union

Author: Dany CORGIAT

Publication date: July 10, 2024 | Lire en français

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

Automatically translated using artificial intelligence technology (Note that only the original version is binding) > find out more.

A | A

5. Cyber-resilience activities and continuous improvement plan

According to ISO 9001, the quality management standard, continuous improvement is "a regular activity designed to increase the ability to satisfy requirements".

Crises linked to cyber-attacks or cyber-crime can generate anxiety, prompting us to act with a sense of urgency. During a disaster, we may identify vulnerabilities in our processes, in our human activities or in our technological security measures. Although very negative, these chaotic situations very often highlight a certain immaturity in the organization of our cyber defense. They demonstrate that a posture focused exclusively on cost reduction is totally at odds with efficient cyber resilience activities. They show that the absence of an effective risk assessment is all too often induced by a significant reduction in the finances allocated to our cyber defense....

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Security of information systems

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
Cyber-resilience activities and continuous improvement plan

Previous
page Cyberresilience and crisis management

Differences between NIS2 and ISO/IEC 27001

Bibliography

(1) - TENEAU (G.) - La résilience des organisations : Les fondamentaux. - Éditions l'Harmattan (2017).
(2) - MOREL (Chr.) - Les décisions absurdes, I. - Éditions Gallimard (2014).
(3)...

Standards and norms

Information security, cybersecurity and privacy protection – Information security management systems – Requirements - ISO/IEC 27001 - 2022
Information security, cybersecurity and privacy protection – Information security management systems – Requirements. Amendment 1: Action on climate change. - ISO/IEC 27001:2022/Amd 1 - 2024
Information security, cybersecurity and privacy protection – Information security...

Regulations

(non-exhaustive list)

Directive (EU) 2022/2555 of the European Parliament and of the Council of December 14, 2022 on measures to ensure a common high level of cybersecurity throughout the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (SRI 2 Directive), OJEU L 333 of December 27, 2022.

Treaty on the Functioning of the European...

5. Cyber-resilience activities and continuous improvement plan

Bibliography

Standards and norms

Regulations

(non-exhaustive list)

Directory

Organizations – Federations – Associations (non-exhaustive list)