SEPUR: Gap analysis and NIS2 compliance

Home > Cas Clients > SEPUR: Gap analysis and NIS2 compliance

Find out how Netsystem supported SEPUR with an NIS2 gap analysis, followed by a NIS2 compliance program.

Context & objectives

Sepur is a French company with 3800 employees, specialized in waste collection, sorting and recovery. With 60 years’ experience, the company’s size and sector of activity make it a “Major Entity” under the criteria of the European NIS2 directive, and it must therefore comply with the requirements of the NIS2 regulations.

Business challenge

Objectives:

Make NIS2 compliance a real competitive advantage and a guarantee of stability for Sepur
Increase the cyber maturity of the information system

Challenges:

At the time of our intervention, Sepur was in the midst of restructuring and modernizing its IT assets, so we had to be agile and adapt to Sepur’s constraints.
The profiles of IS users were very varied, so training and awareness-raising had to be adapted to the organization’s different profiles.

Response & method

NIS2 gap analysis (measurement of deviations from NIS2 regulations)
Support for SEPUR’s NIS2 compliance program
- CISO as a Service (Netsystem acts as Sepur’s outsourced CISO)
- Implementation of the Roadmap
- Raising management awareness (in collaboration with Nicolas Courtier, a lawyer specializing in contractual engineering and digital law)
- Review of third parties in the NIS2 sense
- Raising staff awareness of cyber risks

Key success factors