The article titled “ENISA NIS360: Is Europe Protecting the Right Sectors?” discusses a new assessment tool from ENISA, the European Union’s cybersecurity agency. This tool, called NIS360, aims to help policymakers understand which sectors are most critical to society and how well those sectors are prepared to deal with cybersecurity threats.

NIS360 looks at two main things: how essential a sector is for society (called "societal criticality") and how mature or advanced its cybersecurity practices are. It then maps out 21 key sectors, such as healthcare, energy, transport, and public administration, to show where the biggest weaknesses and risks are.

The most concerning sectors are those that are both vital to everyday life and yet have weak cybersecurity maturity. This includes areas like space, maritime transport, health services, gas, and public administration. These sectors are heavily relied upon but are not ready to handle serious cyberattacks. For example, a cyberattack on satellites or hospitals could have a huge impact, but many of these systems are still not properly secured across Europe.

Some other sectors, like oil, drinking water, heating systems, and road transport, also rank as moderately critical but with low cybersecurity readiness. Even though they’re not always in the spotlight, they could cause serious problems if disrupted — especially in a crisis.

On the positive side, some sectors are doing much better. Electricity, telecoms, and banking are considered both highly critical and highly mature in terms of cybersecurity. This is largely due to years of regulation, investment, and close cooperation between public and private entities. Europe’s digital infrastructure — such as internet providers, cloud services, and data centers — also scores well, though it’s more complex because of how interconnected and international it is.

The NIS360 tool is designed to be a wake-up call. It helps decision-makers see which sectors need more attention and support, especially under the updated NIS2 directive, which strengthens cybersecurity rules across the EU. ENISA encourages governments and sector leaders to use the tool to identify gaps, tailor their policies to the needs of each sector, and improve cooperation between industries and countries.

In short, while Europe has strong cybersecurity protections in some areas, others are still vulnerable. NIS360 offers a way to understand and fix these blind spots before a major cyber crisis hits.

Source: https://industrialcyber.co/analysis/enisa-nis360-is-europe-protecting-the-right-sectors/