Silent Presentation

Act Now: From SRA to ISO/IEC 27001, A Smarter Path to NIS2 Compliance

While NCSC’s Cybersecurity Fundamentals (CyFun) certification is not expected before 2027, higher education institutions and research centres can benefit from HEAnet’s Security & Risk Assessment (SRA), which is offered and conducted by the ICTSS team, and prepare for ISO/IEC 27001 certification, which is available today. This session shows how combining SRA with ISO/IEC 27001 creates a clear path to compliance with NIS2 and related standards, such as the Cyber Security Baseline Standard Framework, also known as ‘Baseline Standards’. The combination strengthens security maturity and even delivers financial advantages, such as reduced cyber insurance costs.

Daniella Vendramini
Team Lead IT Compliance, HEAnet