NIS 2: ALE takes action on cybersecurity

Vincent Lomba
November 29, 2024

ALE implements effective measures to protect critical operations and ensure compliance with EU cybersecurity regulations.

NIS2 EU Cybersecurity Directive: EU-wide legislation.

As the cybersecurity landscape continues to evolve, the NIS 2 Directive is set to be a game-changer for organizations across the European Union. Effective October 2024, this regulation will transform cybersecurity by standardizing requirements for both public and private sectors. With its clear guidelines on risk management and incident reporting, NIS 2 is setting the stage for more robust and unified cybersecurity practices across Europe.

By categorizing entities as Essential Entities (EE) or Important Entities (IE), NIS 2 ensures that the organizations most critical to infrastructure are held to the highest cybersecurity standards. With penalties for non-compliance reaching up to 2% of global revenue, the stakes are high for all businesses involved.

At ALE, we recognize the critical importance of this directive and are taking decisive steps to ensure our organization and partners stay fully compliant with the new regulations.

Our actions toward NIS 2 compliance

As a company providing critical communications solutions and network infrastructure, ALE will be a regulated entity. This classification reflects not only our position as a manufacturer, but also the essential role our solutions play in securing critical sectors.

To meet the stringent requirements of NIS 2, ALE has taken comprehensive actions in three main dimensions:

  • Our DNA, to build a security-first culture: We have prioritized continuous security awareness training for all employees, ensuring that every team member is equipped to handle the evolving threat landscape. Also, IT security and access management are reinforced with the deployment of advanced monitoring and surveillance tools across employee equipment and PCs in line with industry best practices.
  • Our processes, to improve cybersecurity operations: A Security Operations Center (SOC) has been set up alongside a Security Information & Event Management (SIEM) system to safeguard ALE's IS/IT infrastructure and cloud-based solutions. In addition, our vulnerability management process now adopts a cross-divisional approach to better address and manage security vulnerabilities. We have also improved our incident response processes to better ensure resilience against security threats and attacks.
  • Our products, to implement security-by-design: Our products feature secure configurations, protection against unauthorized access, minimized external attack surfaces and interfaces and redundancy mechanisms to enhance product resiliency. We’ve also integrated security throughout the software development process by implementing a cross-divisional Secure Development Life Cycle (SDLC) that follows cybersecurity recommendations of leading agencies like ANSSI in France, BSI in Germany and the European Union Agency for Cybersecurity (ENISA) to improve governance and be state-of-the-art compliant.

Navigating NIS 2 compliance together

We recognize that NIS 2 compliance impacts the entire supply chain, and while ultimate responsibility lies with our customers, ALE is dedicated to supporting them throughout the process. By providing compliant solutions and clear communication of security requirements, we help our partners meet the challenges of the directive.

With the NIS 2 Directive now in effect, organizations are actively working on their compliance strategies. At ALE, our comprehensive cybersecurity approach and secure solutions not only help customers meet regulatory standards, but also lay the foundation for long-term digital resilience.

Through robust security measures at every level of operation, our partners and customers are empowered to navigate the complexities of NIS 2 compliance with confidence. Together, we are committed to securing the future of critical infrastructure and advancing cybersecurity resilience across Europe.

Visit our Security webpage to find out more.

Vincent Lomba

Vincent Lomba

Chief Technical Security Officer

Vincent Lomba, as Chief Technical Security Officer, leads all cybersecurity projects and activities to ensure that Alcatel-Lucent Enterprise's portfolio of solutions meets regulatory requirements as well as customer expectations. He is responsible for helping the company adopt all necessary best practices, modify the operating model, develop and maintain a Secure Software Development Framework (SSDF), and govern the implementation of cybersecurity laws and directives (e.g. NIS 2, CRA, DORA) for all solutions. He conducts internal and external ISO 27001 audits.

He has over 30 years' experience in the global IT, networking and telecoms markets and technologies. In his past experiences, Vincent piloted the creation and launch of new solutions as a product line manager. He managed the Communications Division's global business development team, responsible for supporting sales and business partners, and developing tailor-made solutions for very demanding geographical areas. He has worked with many of the world's leading players in the information and communication technologies (ICT) industry.

Vincent holds a Master of Engineering degree in Computer Science and Digital Signal Processing. He completed his initial training with a full course in information security and holds several cybersecurity certifications.

About the author

Latest Blogs

a person standing in front of a computer
Business Continuity

Collaboration between humans and objects: A safety asset

Communications platforms interact with the software and infrastructure ecosystem to ensure comprehensive enterprise security.

Video surveillance in an airport
Smart Buildings

Smart Buildings: Focus on Networking and Video Surveillance

Enhance operations and reduce expenses by bringing video surveillance (OT) and IT network best practices together.

NIS2 EU Cybersecurity Directive: EU-wide legislation.
Security

NIS 2: ALE takes action on cybersecurity

ALE implements effective measures to protect critical operations and ensure compliance with EU cybersecurity regulations.

a man and a woman looking at a phone
Digital Age Networking

Preparing for Wi-Fi 7: Five Key Steps for a Smooth Transiti…

Is your network ready for Wi-Fi 7? Here are five steps to help prepare.

Tags - Security

Securing unified communications and collaboration solutions

Download
Chat