EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
NIS2 Directive in Sweden: A Report on the Readiness of Swedish Critical Infrastructure
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.ORCID iD: 0000-0003-0478-9347
Number of Authors: 32025 (English)In: Secure IT Systems: 29th Nordic Conference, NordSec 2024 Karlstad, Sweden, November 6–7, 2024 Proceedings / [ed] Leonardo Horn Iwaya; Liina Kamm; Leonardo Martucci; Tobias Pulls, Springer , 2025, p. 176-195Conference paper, Published paper (Refereed)
Abstract [en]

This study evaluates the preparedness of Swedish critical infrastructure for the NIS2 directive, which sets enhanced EU standards for information- and cybersecurity. The research reveals a generally low competence level, highlighting a lack of readiness for the directive’s requirements. Variations in competence are influenced by organizational size, resource availability, and existing strategic processes. Larger organizations with roles like CISOs tend to have higher competence levels, yet significant gaps remain in meeting the directive’s demands. The study emphasizes the need for comprehensive business and gap analyses to identify critical areas for improvement. Organizations should adopt strategic, systematic approaches to cybersecurity that integrate with existing processes. Enhancing competencies requires increased investment in education and training, supported by leadership committed to fostering a robust security culture. The NIS2 directive should be seen not as a regulatory burden but as an opportunity to enhance resilience against cyber threats. Methodologically, the study uses a consistent semi-structured interview approach with experts and authorities to ensure validity and reliability. Although the qualitative nature of the research limits generalizability, it offers critical insights into Sweden’s cybersecurity readiness and the need for strategic improvements.
Place, publisher, year, edition, pages
Springer , 2025. p. 176-195
Series
Lecture Notes in Computer Science (LNCS), ISSN 0302-9743, E-ISSN 1611-3349 ; 15396
National Category
Information Systems
Research subject
Computer and Systems Sciences
Identifiers
URN: urn:nbn:se:su:diva-239292DOI: 10.1007/978-3-031-79007-2_10Scopus ID: 2-s2.0-85218498592ISBN: 978-3-031-79007-2 (electronic)ISBN: 978-3-031-79006-5 (print)OAI: oai:DiVA.org:su-239292DiVA, id: diva2:1936154
Conference
29th Nordic Conference, NordSec 2024, 6-7 November 2024, Karlstad, Sweden.
Available from: 2025-02-10 Created: 2025-02-10 Last updated: 2025-04-09Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Hacks, Simon

Search in DiVA

By author/editor
Hacks, Simon
By organisation
Department of Computer and Systems Sciences
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 334 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Stockholm University Library
|
DiVA portal
|
DiVA Contact
|
DiVA Log in