NIS2 and Cybersecurity: How do you ensure your organisation complies with the new NIS2 cyber security regulations?
In today's world of digital threats, NIS2 compliance is essential. What happens if your organisation does not comply? Who is covered by these regulations? Find out the implications and how Van Dessel can help you.
What specifically is NIS2?
NIS2 expands the previous NIS1 directive, adds more sectors and imposes stricter security measures.
These regulations (NIS2 - EU 2022/2555) will be transposed into Belgian law by the Federal Government in the coming months, with 17 October 2024 as the deadline.
This will give us the first mandatory legislation on cybersecurity, much as GDPR was created for data and data protection.
Relevant domains and minimum requirements within this law
The requirements mandated by the regulation can be summarised in the following domains:
- Risk management (including: security and access control systems, encryption, awareness and staff training)
- Business continuity (including: incident plan, backups, crisis team)
- Processes (including: risk analysis, incident notification, analysis of security/IT measures incl. suppliers)
A detailed formulation of the minimum IT and security requirements can be found on the accompanying NIS2 website.
Who is subject to this new law?
The scope is defined by two criteria: company size and activities.
Companies with:
Turnover > EUR 10,000,000
Workforce > 50 employees
Active or involved in:
- Energy
- Research
- Transport
- Food
- Digital providers
- Healthcare
- Banking & financial market infrastructure
- Chemicals
- Drinking water/wastewater
- Government
- Postal/courier services
- ICT services
- Waste management
- Food products
- Manufacturing
What happens in case of non-compliance with NIS2?
If your company is within the above scope and fails to comply with the regulations, this can lead to fines and other sanctions.
For instance, managers and directors can be held personally liable. In addition, your company can be fined up to 2% of annual turnover with a maximum of EUR 10,000,000.
How can Van Dessel contribute?
Maintaining good cybersecurity is a must for all companies today. Besides good prevention, it is also important to reflect on the consequences should things go wrong.
Here, a cyber policy can serve as a financial reassurance but also a necessary tool to guarantee business continuity.
We can therefore say that taking out a cyber solution goes hand in hand with the areas included within the legislation.
At Van Dessel Insurance Brokers, we will consult with you to conclude a policy that ensures that the consequences during and after an incident remain as limited as possible.
In addition, you can always count on our experts to be ready, which can be crucial in the event of an incident.
For more information and/or questions about our cyber solution, please contact us.