We outline further key aspects to consider when implementing NIS2.
Security incident reporting
Under NIS2, every organisation must implement a security incident reporting system. For open source platforms such as Moodle™, Open edX® or Chamilo, it is worth integrating threat detection systems with reporting and monitoring tools. If unauthorised access or other threats are detected, the organisation should react quickly and report the incident to the relevant supervisory authorities, in accordance with the procedures described in the directive.
Training and awareness of cyber threats
Another important element of NIS2 is the education of system users, who are often the weakest point in the security chain. Institutions using open source platforms should organise regular cyber security training for employees and end-users of e-learning platforms. Understanding threats, such as phishing, and how to use systems safely is key to effective data protection.
Follow up article in the next Blog post.