Postponement of NIS2 in the Netherlands: What does this mean for business?

In the Netherlands, the implementation of the NIS2 directive has been postponed from October 2024 to mid-2025. This delay provides businesses with more time to prepare for the stricter cybersecurity requirements that the directive entails. But what exactly does this mean for companies?

What is the NIS2 directive?

The NIS2 directive, the successor to the original NIS directive, aims to enhance the digital resilience of essential and important sectors, such as energy, transport, healthcare, and digital infrastructure. NIS2 introduces stricter security requirements and reporting obligations to improve cybersecurity.

Reason for the delay

The delay is largely due to the complexity of the directive and the necessary adjustments to national legislation. Despite the delay, the principles of NIS2 are already clear, and organizations can begin their preparations.

Sitting and waiting?

Businesses get extra time to improve their security measures and align them with the new requirements of NIS2. However, this doesn’t mean there is no work to be done: organizations should start implementing frameworks like ISO 27001 now, which provide a solid foundation for NIS2 compliance.

“Although the legal deadline has been moved, it is crucial for companies not to wait. A proactive approach can help prevent future fines and security risks”, said Martin Maas, CISO of Solvinity.

Actions businesses can take now

Risk Analysis: Conduct a detailed risk analysis to identify vulnerabilities in your IT infrastructure.
Security Measures: Implement robust security measures and ensure regular updates and audits.
Awareness and Training: Ensure staff are well-trained in cybersecurity and aware of potential threats.
Incident Response Plan: Develop and test an incident response plan to quickly and effectively respond to potential cyberattacks.

The postponement of the NIS2 directive gives Dutch businesses a valuable opportunity to thoroughly prepare for the future of cybersecurity. By taking steps now, companies can not only comply with future regulations but also significantly enhance their overall digital resilience.

Solvinity is a market leader in Secure Managed Cloud. If you want to start preparing for the NIS2 directive, contact us.