{"id":11412,"date":"2018-11-17T01:12:10","date_gmt":"2018-11-17T00:12:10","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=11412\/"},"modified":"2020-01-02T11:09:23","modified_gmt":"2020-01-02T10:09:23","slug":"nis-mesures-securite-ose","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2018\/11\/nis-mesures-securite-ose\/","title":{"rendered":"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ?"},"content":{"rendered":"

Depuis notre pr\u00e9c\u00e9dent article<\/a>, deux \u00e9v\u00e9nements majeurs ont concr\u00e9tis\u00e9 la transposition de la directive europ\u00e9enne NIS en France.<\/em><\/p>\n

Tout d\u2019abord, fin septembre 2018 a \u00e9t\u00e9 publi\u00e9 l\u2019arr\u00eat\u00e9 fixant les r\u00e8gles de s\u00e9curit\u00e9 et d\u00e9lais<\/a> \u00e0 respecter par les op\u00e9rateurs de service essentiels (OSE) sur leurs SI essentiels (SIE).<\/em><\/p>\n

Ensuite, le 9 novembre 2018 les derni\u00e8res notifications ont \u00e9t\u00e9 envoy\u00e9es par l\u2019ANSSI \u00e0 une premi\u00e8re vague d\u2019Op\u00e9rateurs de Services Essentiels<\/a>, portant ainsi le nombre d\u2019OSE \u00e0 122, chiffre qui sera amen\u00e9 \u00e0 augmenter dans les mois et ann\u00e9es \u00e0 venir.<\/em><\/p>\n

C\u2019est donc l\u2019occasion de d\u00e9crypter la NIS dans sa d\u00e9clinaison fran\u00e7aise, d\u2019identifier les principales exigences \u00e9mises par l\u2019ANSSI et sous quels d\u00e9lais celles-ci devront \u00eatre respect\u00e9es par les OSE.<\/em><\/p>\n

 <\/p>\n

Des r\u00e8gles majoritairement inspir\u00e9es de la LPM<\/h2>\n

La directive NIS demande \u00e0 chaque Etat de d\u00e9finir et d\u2019imposer le respect des bonnes pratiques de s\u00e9curit\u00e9 aux OSE et FSN. En France, c\u2019est l\u2019ANSSI qui a \u00e9t\u00e9 responsable de cette d\u00e9finition, \u00e0 l\u2019instar de la LPM. Il est donc l\u00e9gitime de se demander dans quelle mesure les r\u00e8gles NIS sont align\u00e9es sur les r\u00e8gles LPM.<\/p>\n

Des diff\u00e9rences de forme sont tout d\u2019abord \u00e0 noter\u00a0: les r\u00e8gles NIS sont au nombre de 23<\/strong> r\u00e9parties au sein de 4 chapitres (Gouvernance, Protection, D\u00e9fense, R\u00e9silience), contre 20 pour la LPM sans chapitre particulier. Ensuite, ces r\u00e8gles ont \u00e9t\u00e9 publi\u00e9es au sein d\u2019un unique arr\u00eat\u00e9 trans-sectoriel<\/strong>, alors que la LPM avait men\u00e9 \u00e0 la publication d\u2019un arr\u00eat\u00e9 par secteur d\u2019activit\u00e9. Autre diff\u00e9rence, les d\u00e9lais de mise en application des r\u00e8gles NIS sont communs \u00e0 tous les secteurs et sont publics<\/strong>, l\u00e0 o\u00f9 les d\u00e9lais pour la LPM varient selon les secteurs et sont en diffusion restreinte.<\/p>\n

N\u00e9anmoins, les r\u00e8gles NIS restent fortement inspir\u00e9es<\/strong> (voire pour certaines int\u00e9gralement reprises) des r\u00e8gles LPM\u00a0: cartographie, configuration des composants, filtrage, comptes d\u2019administration, SI d\u2019administration, identification, droits d\u2019acc\u00e8s, maintien en conditions de s\u00e9curit\u00e9, journalisation, corr\u00e9lation et analyse de journaux, r\u00e9ponse aux incidents de s\u00e9curit\u00e9, traitement des alertes et \u00e9galement gestion de crise.<\/p>\n

De nouvelles r\u00e8gles<\/strong> font leur apparition\u00a0; les r\u00e8gles relatives aux analyses de risques et aux audits de s\u00e9curit\u00e9 \u00e9taient en fait incorpor\u00e9es dans la r\u00e8gle LPM relative \u00e0 l\u2019homologation. La r\u00e8gle relative \u00e0 la s\u00e9curit\u00e9 physique et environnementale est quant \u00e0 elle une r\u00e9elle nouveaut\u00e9. De m\u00eame, certaines r\u00e8gles existantes font l\u2019objet de pr\u00e9cisions<\/strong> sans pour autant apporter de modifications structurantes, notamment pour encadrer la fa\u00e7on de traiter certains cas particuliers (SIE expos\u00e9 sur Internet, etc.).<\/p>\n

Finalement, les principales diff\u00e9rences portent sur l\u2019assouplissement de certaines r\u00e8gles<\/strong>\u00a0:<\/p>\n

    \n
  • Indicateurs\u00a0: les trois th\u00e9matiques retenues par les r\u00e8gles LPM sont maintenues par les r\u00e8gles NIS (maintien en conditions de s\u00e9curit\u00e9, droits d\u2019acc\u00e8s \/ authentification et administration des ressources), mais le nombre d\u2019indicateurs total passe de 10 \u00e0 6<\/strong>.<\/li>\n
  • D\u00e9tection\u00a0: l\u2019obligation d\u2019utiliser des sondes qualifi\u00e9es et op\u00e9r\u00e9es par un prestataire qualifi\u00e9 PDIS est remplac\u00e9e par l\u2019utilisation de sondes op\u00e9r\u00e9es conform\u00e9ment au r\u00e9f\u00e9rentiel PDIS, sans obligation de qualification<\/strong><\/li>\n
  • De mani\u00e8re g\u00e9n\u00e9rale, les r\u00e8gles NIS n\u2019imposent pas le recours \u00e0 des prestataires d\u00fbment qualifi\u00e9s<\/strong> PASSI (Prestataire d\u2019Audit de la S\u00e9curit\u00e9 des Syst\u00e8mes d\u2019Information), PDIS (Prestataire de D\u00e9tection d\u2019Incidents de S\u00e9curit\u00e9) ou PRIS (Prestataire de R\u00e9ponse aux Incidents de S\u00e9curit\u00e9) mais recommandent de s\u2019inspirer des bonnes pratiques que ces r\u00e9f\u00e9rentiels d\u00e9finissent.<\/li>\n<\/ul>\n

     <\/p>\n

     <\/p>\n

    \"\"<\/figure>\n

    Figure <\/em>1<\/em>\u00a0: 80% de similarit\u00e9s entre les r\u00e8gles LPM et les r\u00e8gles NIS en France<\/em><\/p>\n

     <\/p>\n

    Les r\u00e8gles NIS, malgr\u00e9 des diff\u00e9rences de forme, sont donc globalement similaires \u00e0 celles de la LPM, ce qui n\u2019est pas surprenant puisqu\u2019elles r\u00e9pondent au m\u00eame objectif, celui de renforcer le niveau de s\u00e9curit\u00e9 des acteurs nationaux cl\u00e9s.<\/p>\n

    <\/figure>\n

    Un planning de mise en conformit\u00e9 ambitieux<\/h2>\n

    Des actions concr\u00e8tes \u00e0 r\u00e9aliser tr\u00e8s rapidement<\/h3>\n

    Les d\u00e9lais de mise en application sont publics. Concr\u00e8tement, les premi\u00e8res actions attendues de chaque OSE apr\u00e8s sa d\u00e9signation sont les suivantes\u00a0:<\/p>\n

      \n
    • Dans un d\u00e9lai de 2 mois, identification du correspondant aupr\u00e8s de l\u2019ANSSI<\/strong> et communication de ses coordonn\u00e9es<\/li>\n
    • Dans un d\u00e9lai de 3 mois, identification des SIE (Syst\u00e8mes d\u2019Information Essentiels) et transmission de la liste \u00e0 l\u2019ANSSI<\/strong>. Si le premier r\u00e9flexe est souvent de vouloir d\u00e9finir le p\u00e9rim\u00e8tre le plus restreint possible, et ainsi limiter les impacts, il faut garder \u00e0 l\u2019esprit que l\u2019application partielle de certaines r\u00e8gles peut devenir un v\u00e9ritable casse-t\u00eate en raison de l\u2019imbrication des SIE avec le reste du SI.<\/li>\n
    • Dans un d\u00e9lai de 3 mois, mise en place du processus de traitement des alertes<\/strong>. Objectif\u00a0: se mettre rapidement en capacit\u00e9 de recevoir les alertes de l\u2019ANSSI et savoir r\u00e9agir en cons\u00e9quence.<\/li>\n<\/ul>\n

       <\/p>\n

      2 ans pour se mettre en conformit\u00e9 et r\u00e9aliser l\u2019homologation la 3\u00e8me<\/sup> ann\u00e9e.<\/h3>\n

      Pour l\u2019ensemble des autres r\u00e8gles, les d\u00e9lais sont tout aussi pr\u00e9cis et ambitieux\u00a0:<\/p>\n

       <\/p>\n

      \"\"<\/figure>\n

      Figure <\/em>2<\/em>\u00a0: r\u00e8gles NIS, 2 ans pour se mettre en conformit\u00e9 et une ann\u00e9e suppl\u00e9mentaire pour l\u2019homologation<\/em><\/p>\n

       <\/p>\n

      Conclusion<\/h2>\n

      En synth\u00e8se, il est important pour les entreprises notifi\u00e9es d\u2019anticiper d\u00e8s la phase de cadrage que la mise en conformit\u00e9 NIS va amener des chantiers avec des investissements financiers et humains parfois cons\u00e9quents. Notamment, les chantiers qui traiteront du \u00ab\u00a0SI Administration\u00a0\u00bb, de \u00ab\u00a0l\u2019Homologation\u00a0\u00bb, ou encore les chantiers d\u2019urbanisme n\u00e9cessaires pour le cloisonnement des SIE, etc.<\/em><\/p>\n

      Autant de sujets qui b\u00e9n\u00e9ficieront de la maturit\u00e9 du march\u00e9 impuls\u00e9e depuis plusieurs ann\u00e9es entre autres par la LPM.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

      Depuis notre pr\u00e9c\u00e9dent article, deux \u00e9v\u00e9nements majeurs ont concr\u00e9tis\u00e9 la transposition de la directive europ\u00e9enne NIS en France. Tout d\u2019abord, fin septembre 2018 a \u00e9t\u00e9 publi\u00e9 l\u2019arr\u00eat\u00e9 fixant les r\u00e8gles de s\u00e9curit\u00e9 et d\u00e9lais \u00e0 respecter par les op\u00e9rateurs de…<\/p>\n","protected":false},"author":1325,"featured_media":11091,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[36,3226],"tags":[408,2598,2850,78,3326],"coauthors":[3049,2956,3068],"class_list":["post-11412","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-digital-compliance","tag-europe","tag-nis","tag-ose","tag-reglementation","tag-sectoral-regulations"],"acf":[],"yoast_head":"\nDirective europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ? - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ? - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"Depuis notre pr\u00e9c\u00e9dent article, deux \u00e9v\u00e9nements majeurs ont concr\u00e9tis\u00e9 la transposition de la directive europ\u00e9enne NIS en France. Tout d\u2019abord, fin septembre 2018 a \u00e9t\u00e9 publi\u00e9 l\u2019arr\u00eat\u00e9 fixant les r\u00e8gles de s\u00e9curit\u00e9 et d\u00e9lais \u00e0 respecter par les op\u00e9rateurs de...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2018-11-17T00:12:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-02T10:09:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1453\" \/>\n\t<meta property=\"og:image:height\" content=\"1308\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Nicol4sVanThieghem\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Nicol4sVanThieghem\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/\"},\"author\":{\"name\":\"Nicol4sVanThieghem\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/6a166ed77a930951307e431880e76a80\"},\"headline\":\"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ?\",\"datePublished\":\"2018-11-17T00:12:10+00:00\",\"dateModified\":\"2020-01-02T10:09:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/\"},\"wordCount\":1036,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg\",\"keywords\":[\"Europe\",\"NIS\",\"OSE\",\"R\u00e8glementation\",\"sectoral regulations\"],\"articleSection\":[\"Cybersecurity & Digital Trust\",\"Digital Compliance\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/\",\"name\":\"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ? - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg\",\"datePublished\":\"2018-11-17T00:12:10+00:00\",\"dateModified\":\"2020-01-02T10:09:23+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg\",\"width\":1453,\"height\":1308,\"caption\":\"Vector businessman looking for future trends through binoculars - business and strategy metaphor - illustration in flat style\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity & digital trust blog by Wavestone's consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/6a166ed77a930951307e431880e76a80\",\"name\":\"Nicol4sVanThieghem\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/nicol4svanthieghem\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ? - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/","og_locale":"en_US","og_type":"article","og_title":"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ? - RiskInsight","og_description":"Depuis notre pr\u00e9c\u00e9dent article, deux \u00e9v\u00e9nements majeurs ont concr\u00e9tis\u00e9 la transposition de la directive europ\u00e9enne NIS en France. Tout d\u2019abord, fin septembre 2018 a \u00e9t\u00e9 publi\u00e9 l\u2019arr\u00eat\u00e9 fixant les r\u00e8gles de s\u00e9curit\u00e9 et d\u00e9lais \u00e0 respecter par les op\u00e9rateurs de...","og_url":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/","og_site_name":"RiskInsight","article_published_time":"2018-11-17T00:12:10+00:00","article_modified_time":"2020-01-02T10:09:23+00:00","og_image":[{"width":1453,"height":1308,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"Nicol4sVanThieghem","twitter_misc":{"Written by":"Nicol4sVanThieghem","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/"},"author":{"name":"Nicol4sVanThieghem","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/6a166ed77a930951307e431880e76a80"},"headline":"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ?","datePublished":"2018-11-17T00:12:10+00:00","dateModified":"2020-01-02T10:09:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/"},"wordCount":1036,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg","keywords":["Europe","NIS","OSE","R\u00e8glementation","sectoral regulations"],"articleSection":["Cybersecurity & Digital Trust","Digital Compliance"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/","url":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/","name":"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ? - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg","datePublished":"2018-11-17T00:12:10+00:00","dateModified":"2020-01-02T10:09:23+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/07\/Fotolia_62798858_Subscription_Monthly_M.jpg","width":1453,"height":1308,"caption":"Vector businessman looking for future trends through binoculars - business and strategy metaphor - illustration in flat style"},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2018\/11\/nis-mesures-securite-ose\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Directive europ\u00e9enne NIS : quelles mesures de s\u00e9curit\u00e9 pour les op\u00e9rateurs de services essentiels en France ?"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity & digital trust blog by Wavestone's consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/6a166ed77a930951307e431880e76a80","name":"Nicol4sVanThieghem","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/nicol4svanthieghem\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/11412","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1325"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=11412"}],"version-history":[{"count":2,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/11412\/revisions"}],"predecessor-version":[{"id":11426,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/11412\/revisions\/11426"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/11091"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=11412"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=11412"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=11412"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=11412"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}