The European Union Agency for Cybersecurity (ENISA) has observed that many organisations across EU member states are lagging behind in the implementation of the NIS2 Directive. Implementation appears to be particularly problematic in the sectors of IT services, aerospace, government, maritime, gas supply, and healthcare.
Key obstacles according to ENISA:
-
Outdated IT environments and insufficient investment in cybersecurity.
-
Complex supply chains and a lack of clear national legislation.
-
Many countries, including the Netherlands, have yet to fully transpose the NIS2 Directive into national law.
What can organisations do now?
-
Assemble a team responsible for NIS2 compliance.
-
Appoint a clear point of accountability within the organisation.
-
Begin working towards achieving the NIS2 QualityMark to ensure structured and efficient compliance with all requirements.
Why this is relevant for Dutch companies:
Organisations falling within the scope of NIS2 face legal and reputational risks if they fail to comply with the directive. Even for SMEs, it is crucial to demonstrate that their cybersecurity is in order – the inability to provide such assurance may result in the loss of customers.
On this website, you’ll find practical tools and clear guidelines to quickly assess your digital resilience and start working on your NIS2 obligations right away.
