NIS2

The cyber security standard applied to the supply chain

Developed for the direct suppliers of NIS2 companies

The Network & Information Systems directive, or NIS2 directive, was adopted by the European Union with the aim of improving cybersecurity and resilience of essential services. Compared to the first NIS directive, NIS2 goes a lot further. It covers more sectors and sets stricter security standards and reporting obligations in case of incidents. Those organisations identified as critical or important, the NIS2 companies, are given a far-reaching effort obligation to protect their digital network and systems from disruption or extortion. That obligation includes working with their direct suppliers to secure the supply chain. NIS2 Quality Mark is the appropriate tool for this.

Because NIS2 are considered jointly responsible for supply chain cybersecurity, they will demand their direct suppliers, mostly SMEs, to take the necessary take security measures. But when have these companies done enough? And how can they demonstrate this?

Developed in consultation and with the support of dozens of industry and professional associations, NIS2 Quality Mark offers the practical answer to these questions. Through a modular system of standards, supply chain companies can implement appropriate measures tailored to their organization’s size and significance, with the official NIS2 QM certificate serving as demonstrable proof.

Modular standards system, with recognised certificate as proof

NIS2 Quality Mark knows
3 levels, tailored to the importance and size of the organisation

Scroll naar boven