Scenario 3: Founded in 2001, SafePost is a prominent postal and courier company headquartered in Brussels, Belguim. Over the years, it has become a key player in the logistics and courier in the region. With more than 500 employees, the company prides itself on its efficient and reliable services, catering to individual and corporate clients. SafePost has recognized the importance of cybersecurity in an increasingly digital world and has taken significant steps to align its operations with regulatory directives, such as the NIS 2 Directive.

SafePost recognized the importance of thoroughly analyzing market forces and opportunities to inform its cybersecurity strategy. Hence, it selected an approach that enabled the analysis of market forces and opportunities in the four following areas: political, economic, social, and technological. The results of the analysis helped SafePost in anticipating emerging threats and aligning its security measures with the evolving landscape of the postal and courier industry.

To comply with the NIS 2 Directive requirements, SafePost has implemented comprehensive cybersecurity measures and procedures, which have been documented and communicated in training sessions. However, these procedures are used only on individual initiatives and have still not been implemented throughout the company. Furthermore, SafePost’s risk management team has developed and approved several cybersecurity risk management measures to help the company minimize potential risks, protect customer data, and ensure business continuity.

Additionally, SafePost has developed a cybersecurity policy that contains guidelines and procedures for safeguarding digital assets, protecting sensitive data, and defining the roles and responsibilities of employees in maintaining security. This policy will help the company by providing a structured framework for identifying and mitigating cybersecurity risks, ensuring compliance with regulations, and fostering a culture of security awareness among employees, ultimately enhancing overall cybersecurity posture and reducing the likelihood of cyber incidents.

As SafePost continues to navigate the dynamic market forces and opportunities, it remains committed to upholding the highest standards of cybersecurity to safeguard the interests of its customers and maintain its position as a trusted leader in the postal and courier industry.

SafePost’s risk management team has developed and approved several cybersecurity risk management measures intended to help the company in minimizing potential risks, protecting customer data, and ensuring business continuity. Is this in compliance with Article 20 of the NIS 2 Directive?

Refer to scenario 3.