Cybersecurity Consulting

A dive into the deep end

In today’s interconnected world, the significance of cybersecurity is no longer a matter of debate. Cybercrime is a harsh reality. However, many organizations still hesitate to address this critical concern.

One possible reason for this seemingly contradictory situation might be the perceived complexity of cybersecurity. Dealing with this topic can quickly feel like diving into the deep end.

At venatormonte, we firmly believe that it is possible to engage with cybersecurity successfully without even getting your feet wet.

A bridge to calmer waters

At venatormonte, we love supporting our clients in bridging towards enhanced cybersecurity.

Leveraging existing strengths, we develop and implement effective measures, transforming cybersecurity into a continuous process and an integral part of the organization. This way, we secure the long-term success of the company.

You too can bridge to increased resilience for your business! We look forward to assisting you through this journey with expertise and support!

The NIS 2 Directive

On December 14, 2022, Directive (EU) 2022/2555, better known as the NIS 2 Directive, was adopted by the European Parliament and the Council of the European Union. This directive lays down measures that aim to achieve a high common level of cybersecurity accross the European Union.

In addition to obligations for individual member states of the European Union, this directive also defines rules and obligations for specific entities on cybersecurity risk-management, reporting, and cybersecurity information sharing.

Member states of the European Union are obliged to adopt and publish the measures necessary to comply with this directive by October 17, 2024. These measures will apply from October 18, 2024.

Although the process of incorporating the directive into the national laws of individual member states of the European Union is not yet complete, it is now time to assess the extent to which your organization will be affected and the rules and obligations that must be complied with in the near future to ensure the timely implementation of the required measures.

NIS 2 Directive - The Why - Explained by the Directive
Why is it necessary to adopt a directive concerning cybersecurity at the European Union level? Hereinafter, the arguments presented in the NIS 2 Directive itself are summarized.
NIS 2 Directive - Objective of the NIS 2 Directive
The primary objective of the NIS 2 Directive is to ensure the effective functioning of the society and economy through measures for a high common level of cybersecurity across the European Union. This is aimed to be achieved by mitigating threats to systems used to provide essential services in key sectors and ensuring the continuity of such services when facing security incidents.
NIS 2 Directive - The NIS Directive as an Initial Step
On July 6, 2016, the European Parliament and the Council of the European Union took an initial step towards this objective with the adoption of Directive (EU) 2016/1148, better known as the NIS Directive, titled "measures for a high common level of security of network and information systems across the Union".
NIS 2 Directive - Achievements of the NIS Directive
The measures described in this directive have induced some achievements in increasing the level of cyber resilience of individual member states of the European Union and, consequently, of the European Union itself. The NIS 2 Directive refers in this regard to the effect of a significant change in mindset and the improvement of national frameworks, as well as the cooperation at the Union level regarding the security of systems used to provide essential services in key sectors.
NIS 2 Directive - Examples of Achievements of the NIS Directive
Specifically, the establishment of national strategies on the security of systems providing essential services, the establishment of national capabilities, the implementation of regulatory measures covering entities and systems identified as essential, as well as the establishment of the Cooperation Group and the network of national Computer Security Incident Response Teams (CSIRTs) at the Union level, are mentioned as concrete achievements in this context.
NIS 2 Directive - Shortcomings of the NIS Directive
However, the review of the implementation of the NIS Directive also revealed shortcomings, particularly stemming from providing the member states of the European Union with very wide discretion regarding the implementation of the directive into national law. Besides the level of detail, the NIS 2 Directive mentions the different and sometimes conflicting implementation of the NIS Directive by member states at the national level concerning the delimitation of the scope, obligations regarding the security and incident reporting, as well as supervision and enforcement.
NIS 2 Directive - Entailments of the Shortcomings of the NIS Directive
The divergent implementation of the NIS Directive by the member states of the European Union entailed a fragmentation of the internal market affecting cross-border activities, additional costs, and limitations in legal certainty regarding obligations. Moreover, the higher vulnerability of some states to cyber threats can negatively affect the level of cyber resilience of other states.
NIS 2 Directive - Homogenization Measures of the NIS 2 Directive
The NIS 2 Directive aims to remove such divergences among member states of the European Union by setting out minimum rules regarding the functioning of a coordinated regulatory framework. As a uniform criterion determining the entities falling within the scope of the directive, a size-cap rule with exceptions for small enterprises and microenterprises which fulfill specific criteria that indicate a key role for the society or economy in general, respectively for certain sectors or types of service in particular, is established. Furthermore, effective remedies and enforcement measures are defined.
NIS 2 Directive - Expansion of the Cyber Threat Landscape
Additionally, the NIS 2 Directive seeks to address the expansion of the cyber threat landscape due to current and emerging cybersecurity challenges, leading to an increase in the frequency, sophistication, and impact of security incidents driven by the speedy digital transformation and interconnectedness of society.
NIS 2 Directive - Updates of the NIS 2 Directive
To guarantee the proper functioning of the internal market, the NIS 2 Directive aims to ensure a comprehensive coverage of services of vital importance to key societal and economic activities in the internal market. To this end, the list of sectors and activities subject to cybersecurity obligations has been updated and extended to a larger part of the economy.

We look forward to assisting you in bridging to an organization that is not only compliant with legal requirements but also better prepared for the expanding cyber threat landscape.

Welcome!

Michael Jagersberger
With venatormonte, I aim to contribute to securing your long-term business success by collaboratively developing information security into an automatism within your organization.
Seattle student David Lightman, in an attempt to hack into a video game developer’s system, accidentally connects to the computer controlling the USA’s nuclear weapons, almost triggering World War III.

For a computer-loving teenager of the 1980s like me, the movie WarGames, from which this scenario originates, was of course essential viewing. Today, 40 years later, in a largely digitalized and interconnected world, we find ourselves in a situation where disruptions to systems performing far less spectacular tasks can have significant impacts on our lives.

After over two decades in positions with management and leadership responsibility, most recently as Vice President Research and Development at a Sweden-based global provider of software products for the cybersecurity and telecommunications sectors, I have decided to seek a new challenge by starting my own business. With venatormonte, I aim to contribute to securing your long-term business success by collaboratively developing information security into an automatism within your organization.

As a Certified ISMS Manager and Auditor according to ISO 27001, I am familiar with the extensive requirements for a so-called Information Security Management System outlined in this standard. However, from my own professional practical experience I also understand the importance of setting the right priorities and effectively utilizing available resources, regardless of organizational size. Therefore, I focus on developing solutions tailored to your specific situation without reinventing the wheel.

David Lightman manages to avert the nuclear catastrophe at the last moment. While our collaboration may not save the world, I believe that achieving a state where your company becomes an organization whose resilience continuously grows contrary to the trend of an increasing threat landscape will also be a very nice success.

I look forward to it!

– Michael Jagersberger

venatormonte contact details
Scroll to Top