13 Jun Prepare for the arrival of NIS2 with Whalebone
What is NIS2?
NIS2 is a European directive focused on the security of Network and Information Systems (NIS). It contains a set of regulations to ensure the security and resilience of these systems throughout the European Union (EU), and it seeks to improve cybersecurity in the EU in several ways.
With EU countries adopting the NIS2 directive in late 2022, member states have two more years to transpose it into national law. This means we can expect new legislation in the fall of 2024. The obligations for the organizations covered by this legislation are expected to take effect in early 2025.
Whalebone Immunity
Whalebone Immunity provides businesses and institutions with a critical layer of protection with complete control over DNS traffic, regardless of the size or complexity of their network. Since more than 90% of malware uses DNS resolution at some point in its lifecycle, this layer allows you to stop attack strategies that bypass traditional protection methods such as firewalls and endpoint security.
Many organizations still do not have direct control over their DNS resolution and do not monitor or filter their DNS traffic. This makes them vulnerable to:
- DNS tunneling, which is used to exfiltrate data from the network or to sneak in malicious code. For example, this was one of the methods used in the SolarWinds attack, one of the largest attacks of our time, which affected more than 18,000 companies and institutions, including Microsoft, Cisco and parts of the Pentagon.
- DGA (domain generation algorithms), which create arbitrary domains to communicate with malware in the target network, bypassing traditional detection methods that rely on threat intelligence databases.
- Malware delivered through supply chain attacks, IoT attacks and more, as these methods usually circumvent standard security. However, all of these devices must use DNS resolution, so they can be protected at this layer.
Given the nature of NIS2, we are not sure if Immunity directly addresses items in the directive as implemented in your target countries. Since NIS2 generally focuses on security and privacy incidents, their reporting, and steps taken to mitigate threats, we can say the following about key NIS2 areas:
Risk management
To comply with the new directive, organizations must take measures to minimize cyber risks. These measures include incident management, stronger supply chain security, enhanced network security, better access control and encryption.
How to use Whalebone Immunity to comply:
- You can precisely locate the device that was part of a security incident and the domains used in the incident.
- Supply chain attacks are not really preventable for the attacked party, but thanks to a protective DNS that disrupts every step of the attack lifecycle, the consequences are. This means that even when defenses are breached, you can still prevent data theft, the deployment of ransomware and more.
- Increase threat detection rate by 80% – Whalebone Immunity significantly improves the overall security of your network with the addition of a different technology approach and unique threat intelligence.
Corporate accountability
NIS2 requires corporate management to monitor and approve the entity's cybersecurity measures and to be trained to address them. Breaches can result in penalties for management, including liability and a possible temporary ban from performing management functions.
- Whalebone Immunity runs completely independently of the devices it protects and requires no software maintenance on the end devices or employee training.
- It runs 24/7 at the network level and in its core function it requires no input or maintenance.
- The user-friendly UI allows even people with minimal skills to use the more specific functions.
Reporting Requirements
Essential and key entities must have processes in place for prompt notification of security incidents that significantly impact their services or recipients. NIS2 establishes specific notification deadlines, such as a 24-hour “early warning.”
- Prevent notification by stopping incidents before they reach your network
- View all DNS traffic information related to any incident that might occur
Business continuity
Organizations should plan how they will ensure business continuity in the event of major cyber incidents. This plan should include considerations about system recovery, emergency procedures and setting up a crisis response team.
- Whalebone Immunity is the ultimate fast security solution – it can be deployed in less than 2 hours to cover the entire network, no matter how complex.
Still have questions about NIS2? Please do not hesitate to contact [email protected].