If you are an Operators of Essential Services or a Digital Service Provider in Europe or in the UK, we have developed solutions to help you prepare and comply with the NIS Directive.

NIS Directive Readiness Assessment

We look at your existing security measures and identify improvements to better protect of your critical service.

You receive:

  • A better vision of your security posture and priorities
  • Support to your security strategy
  • Mandatory compliance documents

Appropriate Security Measures

We define and implement appropriate and proportionate security measures to protect you from the risks you face without disruption.

You receive:

  • Appropriate security measures mapped to existing standards/guidance
  • Recommendations to better manage cyber risks
  • Evidence to prepare for regulatory inspection

OT Security

We develop appropriate security measures to protect your OT systems from cyber attacks.

You receive:

  • Review of your security for OT and legacy systems
  • Gap analysis and improvement
  • Development of security remediation for OT (e.g. segmentation)

NIS Directive Compliance Programme

We support your NIS Directive compliance by accompanying you in your self-assessment and for your improvement roadmap.

You receive:

  • Support to fulfil your NIS Directive requirements
  • A list of security priorities, an improvement roadmap and quick wins
  • Input for your continuous improvement programme

Awareness and Training

We make sure your board and your staff understand their obligations and what constitutes a successful NIS Directive implementation.

You receive:

  • Bespoke training on the NIS Directive
  • A better understanding of your requirements

We propose the following training courses:

Cetome has trained several Competent Authorities and OESs.


More Information on the NIS Directive

The new EU Directive on security of network and information systems (or NIS Directive) brings new obligations to operators of essential services and digital service providers. They must implement appropriate security measures and report serious cyber security incident within 72 hours. The NIS Directive is the GDPR of critical infrastructure: maximum fines for a major breach can reach several hundred thousand Euro and up to £17M in the UK.

The NIS Directive is an opportunity to formalise existing security practices and improve your security practice to minimise the risks caused by a cyber attack.

Cetome accompanies you to comply with the NIS Directive!

We work with Operators of Essential Services and Digital Service Providers to ensure their security complies with the NIS Directive.

We have experience in the following sectors:

  • Transport: railway and road transport
  • Energy
  • Healthcare
  • Internet Infrastructure: DNS operators and Internet Exchange Points
  • Digital Service Providers: Cloud Service Providers and Marketplaces