The NIS2 Directive is an updated cybersecurity regulation from the European Union aimed at enhancing the resilience and security of essential and important entities within critical sectors.
It expands the scope of cybersecurity measures, streamlines incident reporting, and introduces uniform penalties across the EU.
Subject organizations must comply by implementing cybersecurity risk management protocols, ensuring corporate accountability, and adhering to strict incident reporting timelines.
If your organization falls under the NIS2 Directive’s classification of "essential" or "important" entities — such as those in critical sectors like finance, healthcare, public administration, or technology — compliance is not optional.
Non-compliance can result in fines, forced instructions, and even personal liability for top management after a cybersecurity incident.
Additional cybersecurity laws will also be implemented by EU Member States as directed by the NIS2 framework.
Organizations must implement measures to manage cybersecurity risks, such as strong access control, network security, incident management, and secure supply chains. The goal is to reduce vulnerabilities and strengthen the organization’s overall cybersecurity posture.
The cybersecurity obligations outlined in Article 21 include:
Organizations must establish processes to detect, report, and respond to cybersecurity incidents swiftly.
Article 23 of the directive mandates:
The directive mandates strong access control, and by eliminating standing credentials, Teleport enforces the principle of least privilege. This promotes a Zero Trust Architecture (ZTA), in which no endpoint or user is trusted until verified.
Teleport provides a built-in access request and approval system, giving management the ability to control and review access to sensitive systems and helping demonstrate adherence to the access control and policy obligations of NIS2.
Teleport uses short-lived cryptographic identities to assign access to users, machines, and workloads. Because every identity must authenticate, there is no need for credentials or secrets, which supports alignment with NIS2 requirements on authentication and the use of encryption.
Teleport ensures all connections are encrypted, protecting sensitive data in transit and ensuring the integrity of communications within the supply chain – a crucial element in securing third-party access to systems.
Teleport enforces strong authentication and authorization mechanisms, limiting access to critical infrastructure only to authorized users, mitigating insider threats, and reducing the risk of unauthorized access.
This feature ensures that users only have access to the systems and data necessary for their role, further aligning with the strong access controls mandated by NIS2.
Teleport enables secure, remote access to applications and workloads from anywhere in the world, which is crucial for organizations with distributed teams or those that rely on external partners.
Teleport enables the creation and application of security policies across all systems and infrastructure, from cloud environments to on-premises data centers.
Teleport provides comprehensive audit logs of all access requests and session recordings, enabling organizations to quickly detect and respond to security incidents. These logs are critical for meeting NIS2’s reporting obligations, which require timely incident reporting and analysis.
Teleport allows administrators to intervene in real time by modifying or revoking access, implementing additional security measures, or isolating compromised systems – ensuring compliance with NIS2’s emphasis on rapid response to cyber incidents.
Teleport’s session monitoring tools enable organizations to track user activity in real time, providing early warning data on potential security incidents as required by the directive.