NIS 2 Directive for better cybersecurity transposed in Luxembourg

The NIS 2 law and a resilience law have finally been voted today, unanimously, by the parliament of Luxembourg. From tomorrow on, all private entities considered as important or essential (up to them to find out, see link below) and all public entities (all, including municipalities, inter-municipal association, ministries… they do not need to find out) MUST have a top-management-approved risk assessment and risk treatment plan and several policies enforcing cybersecurity, such as asset management, Human Ressource security, access control, … A huge work for which itrust consulting is prepared to help. Here our tactic: First a high-level risk treatment plan to get compliant after a week, then a fine-tuned an improved version for reporting to the regulator, both work to be achieved thanks to our free tools OpenTRICK and OpenARIANA.