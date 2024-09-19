A significant milestone for cybersecurity has been reached with the adoption of the European NIS2 directive. Its Belgian transposition law will take effect in exactly one month (18 October 2024).

Key insights New cybersecurity compliance rules Mandatory risk assessments and trainings Update your contracts with service providers

Under NIS2, numerous companies spanning different sectors will be facing increased cybersecurity obligations.

The NIS2 legislation impacts more entities than those directly listed, as all directly covered entities are required to ensure their suppliers and direct service providers implement similar measures.

Failure to comply may have significant consequences, including potential administrative measures and fines, with possibilities for legal representatives to be personally liable for breach of their duties to ensure compliance.

Among the requirements, the following are key to any compliance checklist:

Risk analysis and information system security policies

Supply chain security measures

Incident handling measures

Business continuity measures

Cybersecurity risk management assessment policies

Cyber hygiene practices and training

Cryptography and encryption policies

HR security, access control, and asset management

Multi-factor authentication and secure communication measures

Security measures for the acquisition, development, and maintenance of network and information systems

Coordinated vulnerability disclosure

