COMPLY OR DIE: A case study of conditions for NIS2-compliance
2024 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits
Student thesis
Abstract [en]
Cybersecurity is increasingly becoming more pervasive and prevalent due in part to ongoing conflicts in the world as well as increased reliance on digital technologies. To combat the emerging threats posed by this, the European Union introduced NIS2, a legislation aimed at increasing the lowest level of cybersecurity across its member states. Thus, the research question this study set out to answer was “How can conditions for organizational compliance with NIS2 be evaluated?” This case study has utilized a Delphi-panel with experts within the field, conducted interviews, analyzed internal documents, and established cybersecurity standards. The study has found several crucial conditions for reaching compliance with this new legislation, it has also developed a means of evaluation for organizations forced to comply. The findings further the field of cybersecurity by uncovering ownership as an important and generally overlooked condition for compliance. As well as providing a tool for practitioners and researchers to help evaluate conditions for NIS2 compliance.
Place, publisher, year, edition, pages
2024.
Series
Informatik Student Paper Master (INFSPM) ; 2024.06
Keywords [en]
Cybersecurity, Compliance, Readiness, Ownership, NIS2
National Category
Information Systems, Social aspects
Identifiers
URN: urn:nbn:se:umu:diva-227181OAI: oai:DiVA.org:umu-227181DiVA, id: diva2:1877373
Educational program
Master's Programme in IT Management
Supervisors
Examiners
2024-06-262024-06-252024-06-26Bibliographically approved