29 April 2026
Security of cloud environments in the context of NIS2/KSC and DORA regulations – how to avoid risks?


Migration to cloud computing has become a key element of digital transformation for companies in Europe. Organizations are increasingly moving their applications, data, and operational processes to cloud environments, taking advantage of their flexibility and scalability. However, the growing dependence on cloud services also involves new threats – cyberattacks, data breaches, and non-compliance with IT regulations.
To regulate these issues, the European Union has introduced the NIS2 directive (implemented in Poland as the Act on the National Cybersecurity System – KSC) and the DORA regulation, which impose new obligations on companies regarding digital security, risk monitoring, and incident reporting. Is cloud computing truly secure? How can risks resulting from cyberattacks be avoided, and how should IT strategy be adapted to NIS2, KSC, and DORA to ensure regulatory compliance?
NIS2/KSC and DORA regulations – key requirements for organizations using the cloud
1. NIS2 Directive and KSC – security of critical infrastructure and cloud providers
The NIS2 directive introduces new obligations for cloud service providers, IT companies, and essential and important entities. Its goal is to increase cyber resilience across the EU and minimize the impact of cyberattacks.
According to NIS2:
- Cloud service providers are subject to new security regulations and incident reporting obligations.
- Companies using the cloud must implement cybersecurity strategies, including threat monitoring and incident management.
- The National Cybersecurity System (KSC) in Poland will enforce the regulations and supervise the entities subject to the directive.
Market example: In December 2023, cybercriminals attacked Scania Polska and Scania Finance Polska, encrypting personal data and restricting access to it. This attack had serious operational and financial consequences for the company, forcing it to implement advanced remediation procedures and data recovery.
2. DORA – digital resilience of the financial sector
The DORA regulation (Digital Operational Resilience Act) entered into force on January 17, 2025, and covers financial institutions such as banks, fintechs, insurers, entities related to crypto-assets, and electronic money institutions.
New requirements include:
- An obligation to manage IT risk in financial institutions.
- Monitoring of cloud providers to prevent threats resulting from IT infrastructure outsourcing.
- Regular testing of IT system resilience, which means conducting cyberattack simulations and security audits.
Market example: In January 2024, the British company Royal Mail fell victim to a ransomware attack carried out by the LockBit group. The attack affected a distribution center in Northern Ireland, preventing international deliveries and forcing the company to seek alternative logistics solutions.
Main threats related to cloud security
1. Unauthorized access and data breaches
Lack of Identity and Access Management (IAM) and permission control can lead to customer data theft, GDPR violations, and financial losses.
- To prevent such situations, organizations should implement multi-factor authentication (MFA), segregation of access and permissions, and user activity monitoring.
- Furthermore, it is crucial to use Identity and Access Management (IAM) systems and SIEM (Security Information and Event Management) tools to detect anomalies and respond quickly to security incidents.
2. Ransomware attacks and internal threats
Hackers are increasingly using ransomware attacks on cloud systems, encrypting data and demanding a ransom. Organizations should implement advanced security systems, such as XDR (eXtended Detection and Response) or EDR (Endpoint Detection and Response), as well as regular offline and offsite backups, to minimize the risk of data loss and ensure quick system restoration after an attack.
3. Downtime and lack of a contingency plan
Although a complete shutdown of cloud services is rare, incidents limiting the availability of certain functions do occur. An example is the Microsoft system failure in January 2024, which caused difficulties with logging in and accessing applications based on Microsoft Azure and Microsoft 365. Organizations should implement multi-cloud strategies, data redundancy, and hybrid backups to ensure operational continuity and minimize the effects of temporary provider issues.
How to avoid risks and secure cloud, hybrid, and on-premise systems?
To ensure regulatory compliance and avoid threats, companies should implement integrated security strategies covering the cloud, hybrid environments, and on-premise infrastructure.
1. Incident management automation
Automation of security processes allows for faster detection and response to threats in cloud environments. SIEM systems collect and analyze logs from various sources, enabling the identification of suspicious activities, while XDR integrates data from multiple systems for more effective detection and neutralization of attacks. Implementing these tools allows organizations to reduce incident response time, minimize losses, and improve the overall resilience of IT systems.
2. Cloud provider management and compliance audits
Regular auditing of IT providers helps ensure compliance with NIS2 and DORA and minimizes the risks related to IT service outsourcing and cloud usage. Organizations should periodically verify the security measures applied by providers and analyze their risk management procedures and their mechanisms for detecting and responding to incidents. It is also key to check whether providers follow cybersecurity best practices and whether their infrastructure meets requirements regarding business continuity and data protection. Regular audits combined with SLAs (Service Level Agreements) give better control over IT system security and reduce operational risk.
3. Hybrid approach to backups and redundancy
Companies should implement multi-cloud strategies as well as offline and offsite backups to protect against failures, cyberattacks, and data loss. Data redundancy in various environments (public cloud, private cloud, on-premise infrastructure) increases system resilience to downtime and enables fast service restoration in the event of an incident. Additionally, regular offline backups protect against the effects of ransomware attacks and ensure data availability even in the event of a cloud service provider failure.
4. Zero Trust model – no default trust
The Zero Trust model assumes that no user or system is trusted by default, and access to IT resources must be verified at every stage. To effectively implement this approach, organizations should use multi-factor authentication (MFA), network segmentation, and the principle of Least Privilege Access. It is also crucial to continuously monitor user activity and analyze risk using SIEM, XDR, and IAM tools to quickly detect and block potential threats.
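The SIEM-style monitoring described in section 1 and the MFA and least-privilege checks of the Zero Trust section above, as an added example that is not part of the original article or of Tenesys's tooling. The JSON audit-record layout, its field names, and the sample events are constructed assumptions, not any provider's real log schema.

```python
"""Two SIEM-style detections over constructed cloud audit-log events.

Added example with a hypothetical, simplified audit-record format
(fields: ts, user, action, mfa, policy_doc). It flags interactive logins
without MFA and IAM policy changes that grant wildcard permissions, and
correlates the two the way a SIEM rule would.
"""
import json

# Constructed sample events (not from a real environment).
SAMPLE_LOG = """
{"ts": "2026-04-29T08:00:01Z", "user": "alice", "action": "ConsoleLogin", "mfa": true}
{"ts": "2026-04-29T08:05:12Z", "user": "bob", "action": "ConsoleLogin", "mfa": false}
{"ts": "2026-04-29T08:07:44Z", "user": "bob", "action": "PutRolePolicy", "policy_doc": {"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}}
{"ts": "2026-04-29T08:09:00Z", "user": "alice", "action": "PutRolePolicy", "policy_doc": {"Statement": [{"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::reports/*"}]}}
"""


def is_wildcard_grant(policy_doc):
    """True if any Allow statement grants '*' (or 'service:*') actions or '*' resources."""
    for stmt in policy_doc.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        resources = stmt.get("Resource", [])
        actions = [actions] if isinstance(actions, str) else actions
        resources = [resources] if isinstance(resources, str) else resources
        if "*" in actions or any(a.endswith(":*") for a in actions) or "*" in resources:
            return True
    return False


def detect(log_text):
    """Return (rule, user, ts) findings for a JSON-lines log, correlating across events."""
    findings = []
    no_mfa_users = set()  # users whose session was opened without a second factor
    for line in log_text.strip().splitlines():
        ev = json.loads(line)
        user, ts = ev["user"], ev["ts"]
        if ev["action"] == "ConsoleLogin" and not ev.get("mfa", False):
            no_mfa_users.add(user)
            findings.append(("login_without_mfa", user, ts))
        elif ev["action"] == "PutRolePolicy" and is_wildcard_grant(ev.get("policy_doc", {})):
            rule = "wildcard_iam_grant"
            if user in no_mfa_users:  # privileged change from an unverified session
                rule += "_after_nomfa_login"
            findings.append((rule, user, ts))
    return findings


if __name__ == "__main__":
    for rule, user, ts in detect(SAMPLE_LOG):
        print(f"{ts} {rule}: {user}")
```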
Summary: Is your company ready for the new regulations?
Cyberattacks have become a daily occurrence, and their number is growing every year. Particularly dangerous are the actions of hacker groups supported by hostile states, which increasingly conduct coordinated cyberattacks on key sectors of the economy, financial institutions, and critical infrastructure. In the face of growing threats, companies must not only meet regulatory requirements but also actively strengthen their digital resilience.
New regulations, such as NIS2 and DORA, force regular IT provider audits and incident management automation, which allows for better protection of systems against cyberattacks and data breaches. Furthermore, multi-cloud strategies, offline backups, and redundancy mechanisms increase company resilience to failures and ransomware attacks.
Does your organization possess the appropriate data protection, threat monitoring, and IT risk management mechanisms? If not, it is high time to implement effective security strategies to avoid sanctions, financial losses, and operational threats that will only grow due to the dynamic geopolitical situation.
Author
Bartosz Pyrczak
Head of Growth
Head of Growth at Tenesys. Connects people, builds relationships, and ensures the company grows in the right direction. Convinced that in IT sales, the one who listens better than they speak wins. Privately a traveler and cyclist.