NIS2 Banner

NIS2.

The new EU cybersecurity legislation.

Is your organisation active in one of the industries classed as crucial for Dutch society? If so, you must comply with the new NIS2 Directive, which is the new European Union cybersecurity legislation designed to better protect organisations from cyberattacks. Here, we summarise the most important facts and keep an eye out for the latest NIS2 news to make sure you’re always up-to-date.

Want our handy newsletter delivered straight to your inbox? Sign up and receive our whitepaper detailing the NIS 2!

Receive NIS2 updates

NIS2 – Important points at a glance.

We’ll keep you up-to-date on all things NIS2 right here. Looking for a practical overview for future reference or to share with your colleagues? Our free infographic gives you exactly that. Simply save the file so you always have the most important points to hand.

View infographic

Not sure if your organisation is impacted by the NIS2 Directive?

Many businesses and organisations aren’t sure if NIS 2 applies to them or not. Check now to see if you’re affected.

NIS2 check

What is NIS2?

NIS stands for Network and Information Security and the directive focuses on critical companies such as those in the water and telecommunications industries. The European Union recently concluded that the 2016 Directive for the security of networks and information systems no longer cut the mustard and have therefore been working on the new and updated NIS2, which goes a step further by boosting security requirements across Europe to cover a greater number of industries.


The deadline for implementation is 17 October 2024, but as you’ve probably already heard, the Dutch government have announced they won’t be able to meet that. It’s a complex issues and policy makers need more time to get their heads around it, making it unclear when the directive will come into effect in the Netherlands. In the other EU member states, however, the regulations will be rolled out on schedule meaning it is important for businesses with international customers to be prepared for that October deadline.

The directive focuses on:

Security Icon

Toughening security requirements

Protection Icon

Improving supply chain security

Reporting Icon

Optimising and streamlining reporting requirements

Eye Icon

Stricter monitoring

EU Icon

Introducing more stringent enforcement requirements and coordinating penalties across EU member states

What are the directive’s provisions? 

1.

Every organisation affected by the NIS2 Directive is obliged to comply with some essential minimum requirements including those related to crisis management in the event of a considerable cyber incident and the use of cryptography and encryption.

2.

These companies also have a very strict obligation to report incidents within 24 hours of becoming aware an incident has taken place and to follow that up within a month with a comprehensive report.

Which sectors are affected?

Previously, it only applied to healthcare, transportation, banking and financial market infrastructure, water, energy, and digital infrastructure providers, but the new NIS 2 Directive has expanded its scope to cover organisations that are critical to society, such as:

  • Telecommunications and energy providers
  • Railway operators
  • Waste and water management companies
  • Financial services
  • Post and courier services
  • Manufacturers of medical devices
  • Public administration.

Step-by-step to greater cyber resilience. Gain an insight into your security level and set priorities with ease.

Many businesses are either completely unaware of their cybersecurity status or they have so many measures in place that don’t align with each other that they can’t see the wood for the trees. With our free, no-strings-attached NIS 2 scan, we can provide an overview of where you stand in terms of your people, your organisation and your technology.

Check your organisation

Joris RooijackersJoris Rooijackers

Solution Consultant Security

Phone: +31 631 149517

Joris Rooijackers

 

 

 

 

 

Joris Rooijackers

Solution Consultant Security

Phone: +31 631 149517

You might also be interested in ...

Prepare your organisation for the NIS2 directive
08
Oct
2024
Prepare your organisation for the NIS2 directive

In this blog post, Bechtle's solution advisor security, Patrick Voss, sets out what organisations can already do now to prepare properly.

NIS2 – The importance of business continuity and a disaster recovery plan.
06
May
2024
NIS2 – The importance of business continuity and a disaster recovery plan.

Discover why business continuity and disaster recovery are critical. Learn how to prepare for incidents and comply with the NIS2 Directive.

Monitoring NIS2 - This is expected from you
08
Dec
2023
Monitoring NIS2 - This is expected from you

Monitoring according to NIS2 for essential and key organisations. Learn why this differs, the consequences of non-compliance and how it contributes cybersecurity.

The duty of care and reporting: what does it mean?
13
Sep
2023
The duty of care and reporting: what does it mean?

The NIS2 Directive, a successor to the original NIS Directive, has turned the cybersecurity world in Europe upside down. Two of the most discussed aspects of this directive are the 'duty of care' and the 'duty to report'.

A cybersecurity incident response plan as part of your business continuity plans
12
Jul
2023
A cybersecurity incident response plan as part of your business continuity plans

The probability of a fire is 1:8000. But did you know that the probability of a cyber attack is 1:5? Then it is crazy that not every company has taken sufficient measures to prevent data loss.

Powered by:

Microsoft logo

Barracuda logo

eset logo

AvePoint logo

Fortinet logo

Veeam logo