Does the NIS2 apply to your company? Here’s what you need to arrange
As of January ’23, all companies and organisations within Europe have to comply with the new NIS2 directives. A major difference from previous legislation is that the NIS2 includes sanctions, and the board can be held accountable if insufficient action has been taken in the area of cyber security. Because the guidelines of the NIS2 apply to considerably more sectors and branches, it’s important that SMEs in the Netherlands and in other European countries get their act together. In this blog you can read what you as a company must comply with and what exactly the NIS2 entails.
What is NIS?
NIS is short for Network and Information Security and is the first legislation in Europe in the field of cyber security. (The NIS has also been in force in the Netherlands since 2016, where it has been converted into the Wet beveiliging netwerk- en informatiesystemen [WBNI]. This guideline motivates companies and organizations to organize and tighten their digital security.) With the sharp increase in cyber-attacks, the European Commission presented a new EU security strategy in 2020: the NIS2.
Where the NIS is limited to only the large companies in vital sectors, like drinking water supplies and telecom, the NIS2 goes a step further. The NIS2 will definitely have a bigger impact on EU business. This mature version of the NIS focuses on three pillars of security:
- Security risk mapping;
- Protection and detection to mitigate risks;
- Limiting the consequences of cyber incidents.
With the NIS, many companies still get away with complying with the GDPR (AVG in the Netherlands) and other ‘basic rules’. But now that the NIS2 guidelines are in force, many companies really have to pull out all the stops when it comes to cybersecurity.

Do you want to know more about how to approach this, or are you curious how compliant your organization is at the moment? Our experts are ready to answer your questions!
Or download the NIS2 brochure.