True experts in cybersecurity

Compliance Ensures the Protection of Data and Actively Mitigates Risks

You need a cybersecurity strategy that limits business interruptions, meets regulatory demands, and enables you to reach your business goals.

We safeguard you against cybercrime

The Regulatory Requirements

Upcoming regulatory requirements such as NIS2, CRA, DORA, CSA, and the ever-evolving GDPR dictate that you need to work with cybersecurity in a market-established, structured, and accepted way. The number of regulatory requirements will only continue to grow, so it’s high time to ensure your business is well prepared for a new future.

What Are NIS and NIS2?

The NIS Directive, introduced by the EU in 2016, mandates security requirements for critical service providers in sectors like energy, healthcare, and transportation. NIS2, the updated Directive (EU) 2022/2555, expands the scope beyond earlier versions and encompasses more organizations.

This new legislation reflects evolving cybersecurity threats and aims to standardize implementations across EU states. In Sweden, the directive is being transposed into national law (Lag (2018:1174) om informationssäkerhet för samhällsviktiga och digitala tjänster), with a targeted implementation by Q3 2024.

NIS2 compliance

NIS2 Program

NIS2 is a directive from the EU Parliament, approved in November 2022, that all EU member countries are required to follow by 2024. Truesec’s IT strategists can help your organization on its journey to NIS2 Directive compliance.

  • Continuous monitoring of legislative developments in both NIS2 and adjoining, sometimes overlapping, legislation (such as DORA, CSA, and CRA).
  • Scoping support for organizations.
  • Implementation support for the NIS2 regulation.
  • Information and education about security measures.
  • Technical support from Truesec’s wide range of technical and compliance services.

How we help

Working With Information Security

The two most established ways on the market for working with information security are the ISO/IEC 27001:2022 Standard and the NIST Framework. They both strive to give you practices for handling the information security domain with a risk-based approach. Using one of these enables you to take the guessing and “reinventing the wheel” part out of the work and focus on implementation.

Improve cybersecurity

Truesec Has Resources To Help With All Aspects of This Regulation

We can support your organization with the following:
  • Legal and compliance analysis of scope
  • Vulnerability discovery as input to an educated risk assessment
  • Risk analysis
  • Comprehensive detection mechanisms for both IT and OT environments
  • NIST assessments
  • Advanced management methods for all types of incidents
  • Threat analysis
  • ISO Gap analysis
  • Writing policies and procedures
  • Improved access control and modern authentication mechanisms
  • Secure IT Infrastructure
  • Third-party analysis
  • Directed education for management and board
