NIS2 Directive mandates stronger security for industrial remote access

Brussels – The European Union's new NIS2 Directive introduces heightened cybersecurity obligations for industrial entities, with a significant focus on securing remote access to operational technology (OT) systems. These updated regulations aim to address the escalating cyber threats targeting critical infrastructure.

The directive mandates a risk-based approach to cybersecurity, requiring organizations to implement robust defenses and manage supply chain risks effectively. Key security controls now include strong authentication methods and granular access permissions based on the principle of least privilege.

HMS Networks, a provider of industrial communication and remote access solutions through its Ewon brand, emphasizes the critical nature of these new requirements. Implementing multi-factor authentication (MFA) and ensuring default credentials are changed immediately are highlighted as essential steps for compliance.

NIS2 also imposes strict incident reporting obligations to authorities. The directive's specific requirements for remote access cover aspects like access control, vulnerability management, and continuous monitoring, ensuring that connections to industrial assets are adequately protected and documented.