Show simple item record

dc.contributor.advisorFrantti, Tapio
dc.contributor.authorLämsä, Markus
dc.description.abstractThis master’s thesis investigates the cybersecurity requirements and needed actions for achieving compliance with the NIS2 directive in a large industrial manufacturing company. The research obeys to the Design Science Research (DSR) methodology, which enables the creation of practical solutions through iterative processes. The primary goal of this thesis is to evaluate the current state of cybersecurity in the organization, identify critical security gaps, and propose actionable measures to close these gaps. The research process combines a literature review that establishes the theoretical framework with qualitative data gathered from interviews with key stakeholders. The interviews provide insights into the organization's cybersecurity challenges and opportunities. Quantitative data was collected with the ISF Information Security Healthcheck tool, which supported the analysis and prioritization of the identified gaps. Five critical security functions have been identified as the key areas needing improvement: asset management, information security risk management, business continuity, supply chain security, and security governance. The suggested solution is then assessed through interviews with experts from the target organisation, and further major initiatives are recommended based on the evaluation. Finally, this thesis provides a practical, clear framework for the company for meeting the NIS2 directive's critical requirements. Suggestions for future research are made based on the research findings and the feedback from the interviews after the identified solution has been evaluated. Keywords: Information security, NIS2 directive, Cybersecurity, Manufacturing Industry, Complianceen
dc.rightsIn copyright
dc.titleGAP-analysis and needed actions to reach compliance to NIS2 directive in a global industrial manufacturing company
dc.typemaster thesis
dc.contributor.tiedekuntaInformaatioteknologian tiedekuntafi
dc.contributor.tiedekuntaFaculty of Information Technologyen
dc.contributor.yliopistoJyväskylän yliopistofi
dc.contributor.yliopistoUniversity of Jyväskyläen
dc.contributor.oppiaineKyberturvallisuuden maisteriohjelmafi
dc.contributor.oppiaineMaster's Degree Programme in Cyber Securityen
dc.rights.copyright© The Author(s)
dc.rights.accessrightsThe author has not given permission to make the work publicly available electronically. Therefore the material can be read only at the archival workstation at Jyväskylä University Library (
dc.rights.accessrightsTekijä ei ole antanut lupaa avoimeen julkaisuun, joten aineisto on luettavissa vain Jyväskylän yliopiston kirjaston arkistotyösemalta. Ks.

Files in this item


This item appears in the following Collection(s)

Show simple item record

In copyright
Except where otherwise noted, this item's license is described as In copyright