The Dutch implementation law for NIS2 (Cyberbeveiligingswet) is not ready yet, and the first changes to NIS2 have already been proposed. What are the changes in the European Commission's proposal?

NIS2 Quality Mark is now called the NIS2 Supply Chain certificate. The name change puts more emphasis on the importance of resilience and digital security in the supply chain. Companies that need to comply with NIS2 are also responsible for ensuring the security of their direct suppliers.

The Dutch implementation of NIS2, the Cyberbeveiligingswet, is further delayed and is now expected to go into effect in Q2 2026.

Digital Security Institute has been selected as an audit partner for the NIS2 Quality Mark. This allows us to certify suppliers of NIS2 organizations. We are proud that we can contribute to strengthening the digital resilience of the supply chain.

The "Cyberbeveiligingsbesluit": a further elaboration of the NIS2 duty of care. What can NIS2 companies expect? It is still a proposal offered for consultation, but it gives a good idea of ​​the direction it is going.

CEOs are still not involved enough in NIS2. Directors need to get to work to gain the right knowledge and skills about NIS2 and cyber security.

The Cyberbeveiligingswet is expected to come into force in Q3 2025. The Netherlands is thus significantly behind the EU deadline (October 17, 2024).