{"id":3810,"date":"2023-11-23T14:20:05","date_gmt":"2023-11-23T13:20:05","guid":{"rendered":"https:\/\/warpnet.nl\/?p=3810"},"modified":"2025-12-08T13:25:07","modified_gmt":"2025-12-08T12:25:07","slug":"de-nieuwe-nis2-richtlijn-wat-betekent-dit-voor-u","status":"publish","type":"post","link":"https:\/\/warpnet.nl\/en\/blog\/de-nieuwe-nis2-richtlijn-wat-betekent-dit-voor-u\/","title":{"rendered":"The new NIS2 directive, what does it mean for you?\u00a0"},"content":{"rendered":"<p class=\"has-medium-font-size\">You may have heard of it: NIS2. The NIS2 Directive (Network and Information Security Directive) is the latest EU policy to improve the collective cybersecurity of member states. And by the end of 2024, this directive will actually come into effect. That, of course, raises questions. In this blog, we discuss what the directive is and what it means for you.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is NIS2?<\/h2>\n\n\n\n<p>NIS2 replaces the current NIS directive, implemented in the Netherlands as the WBNI (Wet Beveiliging Netwerk- en Informatiesystemen). Seven years after this directive, the cyber threat landscape has changed significantly and no longer met the needs. The NIS2 directive ensures that all organizations that perform a vital function in society have a high level of cyber security. The goal of this is to be more resilient against threats posed by hackers and malware.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Does the NIS2 also apply to you?<\/h2>\n\n\n\n<p>Do you have more than 250 employees? Then you must comply with NIS2 anyway. For organizations with less than 250 employees, it depends on the sector. NIS2 distinguishes 2 groups here: <em>essential <\/em>and <em>important<\/em>. Both are subject to the same cybersecurity management and incident reporting requirements under NIS2. The main difference between essential and key organizations is compliance monitoring. For essential providers, primarily parties in vital sectors, monitoring must be strictly proactive and clearly reflected in their processes. This means that regulators will check that these organizations are correctly implementing and complying with the rules. For organizations in key sectors, monitoring will be reactive, when there is evidence of a cyber incident.<\/p>\n\n\n\n<p>If your organization falls into one of these groups and you have more than 50 employees or a minimum annual turnover and balance sheet total of 10 million, you must also comply with NIS2.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:600px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"656\" src=\"https:\/\/warpnet.nl\/wp-content\/uploads\/2023\/11\/Kopie-van-NIS2-1-1024x656.png\" alt=\"\" class=\"wp-image-3819\" style=\"aspect-ratio:1.5609756097560976;width:564px;height:auto\" srcset=\"https:\/\/warpnet.nl\/wp-content\/uploads\/2023\/11\/Kopie-van-NIS2-1-1024x656.png 1024w, https:\/\/warpnet.nl\/wp-content\/uploads\/2023\/11\/Kopie-van-NIS2-1-300x192.png 300w, https:\/\/warpnet.nl\/wp-content\/uploads\/2023\/11\/Kopie-van-NIS2-1-768x492.png 768w, https:\/\/warpnet.nl\/wp-content\/uploads\/2023\/11\/Kopie-van-NIS2-1.png 1200w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"\/><figcaption class=\"wp-element-caption\"><a href=\"https:\/\/security.enshore.nl\/nis2-richtlijn\/\" data-type=\"link\" data-id=\"https:\/\/security.enshore.nl\/nis2-richtlijn\/\" target=\"_blank\" rel=\"noopener\"><em>Overview of essential and key sectors according to the NIS2 directive<\/em>&#xA0;<\/a><\/figcaption><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\"><\/div>\n<\/div>\n\n\n\n<div id=\"warpnet-content-block_6ac0a05f7b87aecf2de751bb013052c1\" class=\"warpnet-content-block\" style=\"--blockBackgroundColor:var(--color-light-grey);--blockTextColor:var(--color-dark);\">\n    <div class=\"inner-block\">\n\n<p><strong>Central government: NIS2 Self-assessment NL<\/strong>&#xA0;<\/p>\n\n\n\n<p>Not sure if your organization is covered by the directive? The central government has developed a tool to check whether the NIS2 directive applies to your organization: <a href=\"https:\/\/regelhulpenvoorbedrijven.nl\/NIS-2-NL\/\" target=\"_blank\" rel=\"noreferrer noopener\">NIS 2 Self-assessment EN (rule aids-for-businesses.com)<\/a>&#xA0;<\/p>\n\n<\/div>\n<\/div>\n\n\n\n<div style=\"height:28px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">What your organization must meet according to NIS2<\/h2>\n\n\n\n<p>NIS2 will address the problems with the previous NIS legislation and tighten the rules. The main one concerns the inconsistent way the previous NIS2 directive was implemented. This made cooperation between countries difficult and weakened ensuring the effectiveness of cybersecurity in the EU.<\/p>\n\n\n\n<p>If you are among the organizations required to comply with the NIS2 guideline, this is at least what you need to implement\/implement:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Risk analysis<\/li>\n\n\n\n<li>Incident handling<\/li>\n\n\n\n<li>Business continuity policy<\/li>\n\n\n\n<li>Supply chain security (in relationships\/suppliers)<\/li>\n\n\n\n<li>Measuring effectiveness of measures (KPIs).<\/li>\n\n\n\n<li>Cyber hygiene and staff training<\/li>\n\n\n\n<li>Policies and procedures on use of cryptography and encryption<\/li>\n\n\n\n<li>Security aspects v. personnel, such as access policies and asset management<\/li>\n\n\n\n<li>Security in acquisition, development and maintenance of network and information systems<\/li>\n\n\n\n<li>Use of 2FA, secure emergency communication system, etc.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">The consequences of non-compliance<\/h2>\n\n\n\n<p>Should an incident occur, it must be reported to the regulator within 24 hours. What is important to know is that as the board of your organization, you are liable for compliance. If you fail to do so? Then you risk a fine. These fines are the same as those for AVG violations, which means that NIS2 should be understood in a similar way and taken just as seriously.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Preparing for NIS2<\/h2>\n\n\n\n<p>On the contrary, see the positive side of NIS2! Because with better cyber security, you can prevent a lot of misery. Less chance of viruses and fines! If you have any questions about NIS2, please feel free to contact us.<\/p>","protected":false},"excerpt":{"rendered":"<p>You may have heard of it: NIS2. The NIS2 (network and information security directive) is the latest policy...<\/p>","protected":false},"author":17,"featured_media":3812,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","content-type":"","footnotes":""},"categories":[14],"tags":[],"class_list":["post-3810","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"acf":[],"_links":{"self":[{"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/posts\/3810","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/comments?post=3810"}],"version-history":[{"count":8,"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/posts\/3810\/revisions"}],"predecessor-version":[{"id":3823,"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/posts\/3810\/revisions\/3823"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/media\/3812"}],"wp:attachment":[{"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/media?parent=3810"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/categories?post=3810"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/warpnet.nl\/en\/wp-json\/wp\/v2\/tags?post=3810"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}