2025 is the year when NIS2 security measures need to be implemented. Feeling overwhelmed already? If so, then this talk is for you.

Society increasingly relies on internet-exposed web apps for basic needs, such as buying food and accessing healthcare services. Unfortunately, putting these systems on the internet also increases their exposure to cyber attacks, whether for ransom or as part of a hybrid war strategy. To bridge the gap between what society needs and the too often neglected information security, the EU has recently passed the NIS2 Directive.

In this talk, I will briefly introduce the NIS2 Directive, focusing on risk management and the 10 minimum requirements. Then, I will discuss how these requirements can be fulfilled on top of a Kubernetes platform. At the end of this talk, you will learn how platform engineering can help your boss save money by reducing compliance burden.