The National Cyber Security Centre (NCSC) has published guidance for management-board members of organisations covered by an EU directive on cybersecurity.
The NIS2 directive requires the management bodies of essential and important entities to approve and oversee cybersecurity risk-management measures and complete cybersecurity training.
The NCSC’s guidance is designed to help accounting officers and senior managers to understand and meet their cybersecurity responsibilities under the directive.
The body says that its Cyber Fundamentals Framework (CyFun) is at the centre of the document.
CyFun is the NCSC’s preferred risk-based framework for helping organisations put their legal obligations into practice.
The centre describes NIS2 as “a landmark shift in the legislative landscape”, which assigns accountability for cybersecurity risk management to the highest level of executive management.
“Cybersecurity has evolved far beyond a technical challenge handled in server rooms; it is now a fundamental boardroom priority,” said Minister for Justice Jim O’Callaghan.
“Ireland’s economic prosperity and social wellbeing are inextricably linked to the strength of our digital infrastructure,” he added.