GAP-analysis and needed actions to reach compliance to NIS2 directive in a global industrial manufacturing company
Authors
Date
2024Access restrictions
The author has not given permission to make the work publicly available electronically. Therefore the material can be read only at the archival workstation at Jyväskylä University Library (https://kirjasto.jyu.fi/en/workspaces/facilities/facilities#autotoc-item-autotoc-2).
Copyright
© The Author(s)
This master’s thesis investigates the cybersecurity requirements and needed actions for achieving compliance with the NIS2 directive in a large industrial manufacturing company. The research obeys to the Design Science Research (DSR) methodology, which enables the creation of practical solutions through iterative processes. The primary goal of this thesis is to evaluate the current state of cybersecurity in the organization, identify critical security gaps, and propose actionable measures to close these gaps.
The research process combines a literature review that establishes the theoretical framework with qualitative data gathered from interviews with key stakeholders. The interviews provide insights into the organization's cybersecurity challenges and opportunities. Quantitative data was collected with the ISF Information Security Healthcheck tool, which supported the analysis and prioritization of the identified gaps. Five critical security functions have been identified as the key areas needing improvement: asset management, information security risk management, business continuity, supply chain security, and security governance.
The suggested solution is then assessed through interviews with experts from the target organisation, and further major initiatives are recommended based on the evaluation. Finally, this thesis provides a practical, clear framework for the company for meeting the NIS2 directive's critical requirements. Suggestions for future research are made based on the research findings and the feedback from the interviews after the identified solution has been evaluated.
Keywords: Information security, NIS2 directive, Cybersecurity, Manufacturing Industry, Compliance
...
Metadata
Show full item recordCollections
- Pro gradu -tutkielmat [29743]
License
Related items
Showing items with similar title or keywords.
-
Improving service business activities in manufacturing industry through value co-creation : a case of a multinational machine manufacturing company
Korppi, Saara (2022)Tämä Pro Gradu tutkielma tutkii arvon yhteisluonnin muodostumista huoltoliiketoiminnan eri aktiviteeteissa. Tutkielma hyödyntää palvelukeskeistä logiikkaa viitekehyksenä tutkiakseen, kuinka arvon yhteisluonti muodostuu ... -
The impact of digitalization on marketing communications measurement process : case of global B2B industrial companies
Järvinen, Joel (2011)The stature of marketing communications function is under a threat within the firms. As the board of management tends to demand the profitability of all business activities, marketing practitioners have for a long time ... -
The needs for professional communicative repertoire, and the effects of it on the employees in a global technology industry company based in Central Finland
Hiekkavirta, Anni (2018)Tutkielmassa tarkastellaan Keski-Suomessa sijaitsevan, globaalissa omistuksessa olevan teknologia-alan yrityksen työntekijöiden kielivarantoa ja yrityksen toiveita sen suhteen. Tutkimus pyrkii myös selvittämään kuinka ... -
The application of the SMETA audit protocol on the management of the CSR of Peruvian companies : a case study of standardization via SMETA in manufacturing companies
Medina Rodriguez, Alicia (2016)Standardization in Corporate Social Responsibility has become more popular since re-cent years. A wide range of standards that seek to implement and evaluate the Corpo-rate Social Responsibility in companies, has become ... -
Influence of Organizational Culture on Employees Information Security Policy Compliance in Ethiopian Companies
Ejigu, Kibrom; Siponen, Mikko; Muluneh, Tilahun (Association for Information Systems, 2021)Information security is one of the organizations' top agendas worldwide. Similarly, there is a growing trend in the kinds and rate of security breaches. Information security experts and scholars concentrate on outsiders' ...