Prepare for the NIS2 directive: how Niagara Cloud Suite supports cybersecurity in building automation

Digital threats now reach not only IT systems but also physical infrastructures – putting building management systems (BMS) at increasing risk. As these systems gradually become interconnected with IT networks, their vulnerability also grows. In response, the European Union has introduced a new legal framework to strengthen the protection of vital systems.

In October 2024, the NIS2 directive came into effect, imposing strict security requirements on organizations operating critical infrastructures – including BMS systems.

📝 What is NIS2?

NIS2 is the European Union’s new cybersecurity regulation, which will become mandatory in all member states. Its aim is to set uniform requirements for the protection of network and information systems and to facilitate rapid, coordinated responses in the event of cyberattacks.

Main requirements of NIS2:

• Mandatory risk management and incident reporting procedures

• Strengthening the supply chain and access management

• Executive responsibility for implementing security measures

• Strict penalties for omissions or non-compliance

  
  

Sectors affected:

• Energy

• Transport

• Healthcare

• Digital infrastructure

• Manufacturing

• Logistics…and many other critical or important sectors

  
  

The objective is clear: to increase the resilience of systems against cyberattacks and to ensure business continuity even in times of crisis.

🔒 How can we meet these requirements?

Tridium Niagara 4.15 already comes with key built-in security features such as TLS 1.3 encryption, multi-factor authentication (MFA), and the central Security Dashboard.

However, Niagara Cloud Suite goes even further: it automates security procedures that help maintain NIS2 compliance during ongoing operations.

Read our previous articles on the topic:

Read our previous articles on the topic:

How Niagara Cloud Suite helps ensure compliance?

The main areas where Niagara Cloud Suite provides support:

◉ Secure remote access and network segmentation

The Niagara Remote service establishes an encrypted tunnel (TLS 1.3) between the cloud and the OT (Operational Technology) network.

As a result, BMS stations can be accessed without the need to open public VPN ports – reducing the risks arising from the mixing of IT/OT traffic. Traffic can be further restricted via VPN or ZTNA (Zero Trust Network Access) protocol.

◉ Automatic backups and update management

Niagara Recover creates encrypted backups exclusively to servers located within the EU.

Niagara Data Service automatically downloads signed update packages and monitors system versions, ensuring that the system remains up to date and protected against vulnerabilities.

◉ Centralized logging and real-time alerts

The Security Dashboard aggregates security events and transmits them via an encrypted channel to the team monitoring security incidents.

This facilitates compliance with the NIS2 requirement to report incidents within 24 hours.

◉ Identity management and multi-factor authentication

Administrators have a single, transparent interface to connect:

• the user directory (LDAP or Active Directory),

• enable MFA (TOTP or passkey),

• and automatically revoke permissions when an employee leaves or changes position.

Summary: prepare in time for the new requirements

The NIS2 directive focuses on three main areas:

1. Risk management

2. Business continuity

3. Rapid incident handling and reporting

Niagara Cloud Suite covers these requirements from the very first day of system deployment. The goal is not only compliance, but also supporting secure and reliable operation – with tools that match the real needs of building operations and automation.

👉 We wnsure that your building automation systems comply with the NIS2 directive - securely and up to date! Contact us!

(Source: The European Union Agency for Cybersecurity, ENISA (https://www.enisa.europa.eu/), Tridium, SmartNode Kft, Canva)

Feel free to contact us with any questions!

Contact us and become a contracted partner to gain even more valuable information. We provide our partners additional technical newsletters, programming guides and ready-made templates for most of the products we sell.

You can find more useful products by clicking on one of the links below: