The better the question. The better the answer. The better the world works. У вас есть вопрос? У нас есть ответ. Решая сложные задачи бизнеса, мы улучшаем мир. У вас є запитання? У нас є відповідь. Вирішуючи складні завдання бізнесу, ми змінюємо світ на краще. Meilleure la question, meilleure la réponse. Pour un monde meilleur. 問題越好。答案越好。商業世界越美好。 问题越好。答案越好。商业世界越美好。

What is the impact of NIS Directive on OT environment?

The NIS Directive on security of network and information systems is the EU-wide legislation on cybersecurity that provides legal measures to boost the overall level of cybersecurity in the EU. Its objectives are to ensure Member States’ preparedness, cooperation and a culture of security across sectors which are vital for the economy and society and moreover rely heavily on ICTs.

The Directive focuses on security requirements for operators of essential services and digital service providers. This first group includes enterprises from various industrial sectors such as energy, oil and gas, transport and water. EY’s objective is to help such companies secure their OT (Operational Technology) environments / Industrial Control Systems (ICS) in order to comply with new requirements.

Now is the time to act as Member States were obliged to identify operators of essential services by the 9th of November, 2018.

What are the challenges for the identified entities?



As an operator of essential services, to comply with the new NIS regulations by being able to identify all attack vectors and manage security risks you must have comprehensive and up-to-date knowledge about all of the OT assets that you have in your network.

This is only possible with a proper and systematic

Asset Management

– a complex challenge that can be made easy with our help.



New regulations require you to take appropriate measures to prevent and minimize impact of the incidents affecting the security of your network and information systems.

To achieve this it is crucial to ensure visibility of network traffic and ability to detect anomalies in your OT network.

OT monitoring tools

are the state-of-the-art solution that you can seamlessly implement with our guidance.



You are obliged to notify, without undue delay, the competent authority or the CSIRT of incidents having a significant impact on the continuity of the essential services provided.

OT Security Operations Centres (OT SOC)

that can be implemented as an external service orsupport existing SOC enable fast incident detection, reaction and reporting of OT incidents, which is crucial in light of new regulations.

HIGH FINANCIAL PENALTIES may be imposed on operators of essential services for violating the provisions of the NIS Directive.

How EY helps operators of essential services?

Due to many years of experience in OT and IoT cybersecurity gained through execution of hundreds of projects for international and local entities including large enterprises from key sectors, government bodies and European Union agencies, EY offers Clients assistance in implementing OT security requirements imposed by the NIS Directive and national laws that implement and enforce them in Member States. A wide range of EY services in the OT security area targeted at compliance with the NIS Directive and legal acts that implement the Directive in Member States includes audits, implementation support and provision of support services for OT infrastructure:

EY - Development and support in the implementation of technical  and organisational security measuresDevelopment and support in the implementation of technical and organisational security measures:

  • OT cybersecurity strategy, policy and organizational structure
  • Comprehensive Asset Management including analysis of the current state, definition of asset management processes and procedures, support in implementation of modern tools enabling automated asset discovery and managed services
  • Measures to prevent and limit the impact of incidents (mechanisms ensuring confidentiality, integrity, accessibility and authenticity of data, timely software updates, protection against unauthorized modification, vulnerability management)
  • OT Incident management procedures
  • OT Security Operations Centre (SOC), including Security Information and Event Management software (SIEM)
  • Development of procedures for reporting information to the competent authority on improvement of the unfulfilled requirements

EY - Support in the implementation of modern OT infrastructure monitoring tools  enabling detection of cybersecurity incidentsSupport in the implementation of modern OT infrastructure monitoring tools enabling detection of cybersecurity incidents:

  • Development of a monitoring approach tailored to the monitored environment and in accordance with the requirements and good practices / standards
  • Support in supplier selection process
  • Support in implementation of security solutions and their integration with other tools, e.g. SIEM class solutions and Firewalls

EY - Supporting services for IT/OT infrastructureSupporting services for IT/OT infrastructure:

  • OT Security Operations Centre (SOC) as an external service or support of the existing SOC
  • Verification of the efficiency and response time to cyber security incidents

EY - Assessment of compliance with the NIS Directive and accompanying national lawsAssessment of compliance with the NIS Directive and accompanying national laws:

  • Verification of compliance with the requirements and assessment of maturity for individual requirements
  • Identification of gaps and discrepancies
  • Development of tailored recommendations to fulfil / improve the unfulfilled requirements
  • Second verification of compliance with the requirements after the introduction of recommended measures / procedures / activities

Contacts by region

EMEIA OT/IoT Security Lead

Piotr Ciepiela
+48 519 511 603


Alex Campbell
+44 20 7197 9301

CESA Cyber Security Lead

Kazimierz Klonecki
+48 505 105 080

UKI Cyber Security Lead

Gavin Cartwright
+44 20 7980 0667

GSA Cyber Security Lead

Matthias Bandemer
+49 160 939 11976

Nordics Cyber Security Lead

Aina Karlsen Røed
+47 982 06 241

MED Cyber Security Lead

Fabio Cappelli
+39 33 5 12 30 192

WEM Cyber Security Lead

Marc Ayadi
+33 6 07 70 71 59