The deadline for the NIS2 directive remains October 18, with this looming deadline here are the comments from F5 and CyberArk.

David Higgins, Senior Director, Field Technology Office at CyberArk comments:

"Put simply, NIS2 means all defined critical organisations need to identify, assess and address their exposure to the risk of a cyberattack - what's known as their 'risk profile'. Article 21 in particular mandates that they put robust cybersecurity measures in to secure their supply chains and enforce Zero Trust access, among a host of security policies companies they will need to implement and report on.

"Identity Security is going to take centre stage from a compliance point of view here, as it involves constantly checking and authorising both internal and external users, following Zero Trust principles. This is especially important since organisations have to protect a huge network of threats under NIS2, including subcontractors and service providers. Companies also need to tick off important NIS2 Article 21 requirements related to handling and reporting incidents. Having a solid Identity Security strategy is important here, to not only protect vital infrastructure against those inevitable future attacks, but also to track and manage the handling of critical information in real-time."

Bart Salaets, Field CTO EMEA at F5:

"With the regulation broadening its scope, more organisations -- particularly those that may not have previously prioritised cybersecurity -- will now need to comply. It's important to note that businesses will be penalised if attacks are not reported.

One of the biggest challenges of an intensified regulatory spotlight on security is the added complexity of both securing and monitoring digital infrastructures that increasingly span multiple clouds and in-house data centres.

In order to navigate the legislation, organisations should create centralised visibility and unified reporting across security platforms. The need for integrated solutions and sophisticated reporting tools -- potentially AI-driven -- will be essential in helping organisations meet their reporting obligations under NIS2."