Anyone heard of the NIS Directive?

We could all be forgiven, with the barrage of news and other material regarding the new GDPR legislation, for not spotting other information security standards and directives that are less prominent on the data protection radar but which are equally important. An example is the new EU Network and Information Systems (NIS) Directive, which comes into force on 10 May 2018.

On 8 August the UK government published a paper about the NIS Directive and the requirements the UK government is placing on its infrastructure providers with regard to compliance. While not directly applicable to the Channel Islands, it'd be no surprise to see the States of Jersey head toward similar guidance for its infrastructure businesses.