Network & Information Systems Directive

Tuesday, 12 June 2018


We are all well versed in GDPR but it was not the only piece of European regulation relating to data security which came into force in May. It’s lesser known friend the
EU Directive on the security of Network and Information Systems (NIS) took effect on 10th May 2018.

NIS impacts on all organisations deemed to be an ‘Operator of Essential Services - think electricity, water, healthcare, transport services, banking. It also applies to some Digital Service Providers who offer services within the EU. A cyber-attack on these systems could have a severe impact on the infrastructure of entire countries and the regulations aim to ensure that services in the EU have robust defences in place.

Digital Service Providers are included if they employ more than 50 people and/or their balance sheet totals more than €10 million. It covers providers of services such as:


  • Search engines
  • Cloud computing services
  • Online marketplaces

Services must take technical and organisational measures they consider proportionate to manage the security risks and they are required to consider key elements including business continuity management and incident handling procedures. Like GDPR there will be punitive fines if organisations fail to demonstrate that their cyber security systems are secure.

The regulations specifically encourage “the use of European or internationally accepted standards and specifications relevant to the security of network and information systems”. So, internationally recognised security standards such as ISO27001 are likely to see a rise in interest. All services impacted will be responsible for the resilience of their suppliers and supply chain security, so requirements are likely to have a knock on effect to other organisations. So, if you are a supplier or aspire to be a supplier of any of these organisations, then now is a good time to review your cyber security strategy and at the very least get your Cyber Essentials certification in place, if you haven’t already.

Our technical consultants can advise on all aspects of your cyber security systems and provide guidance on which security standards meet your business needs.

Contact us today for more information.

RedMosquito provide Managed IT Support Services across, Glasgow, Edinburgh, Stirling and throughout Scotland.


T 0141 348 7950
Glasgow 27 Panorama Business Village, Glasgow. G33 4EN
Edinburgh 8 Albany Street, Edinburgh EH1 3QB


facebook gplus twitter linkedin


Formed in 1999 Red Mosquito provide a complete one-stop technical consultancy service offering managed services IT support, computer maintenance, computer networking and Cloud Services to businesses in Scotland and beyond. We operate as a complete outsourced IT department dealing with all of the day to day administration and configuration of our client's systems.

Based at our Operations Centre in Glasgow and in Edinburgh, we're in the business of providing top quality IT services driven by our passion for technology. Our team of experienced IT support engineers operates throughout Scotland keeping your servers and desktop computers running smoothly so that you can concentrate on what's really important - your business.

We are your IT department.

Case Studies

  • Russel & Aitken

    Founded in Falkirk in 1818 Russel & Aitken is one of the oldest legal firms in Scotland. From the start they have been associated with innovative new technologies and today they continue to maintain a modern and progressive approach to their business.

  • CMS Windows Ltd.

    When Red Mosquito started working with CMS in early 2011 our first task was to fully understand a complex business and the needs of its employees....