
What exactly do NIS-2 and ISO 27001 mean?

As of 18/10/2024, new cybersecurity legislation goes into effect in Belgium. Specifically, Europe requires companies in certain sectors to take measures regarding cybersecurity.

With the NIS-2 legislation, a lot of companies are taking the plunge into achieving the international standard for information security, namely ISO 27001. In addition to better security of crucial data, the standard will bring with it stronger customer confidence.

The outlined cybersecurity 2.0 strategy aims to make Belgium one of the least vulnerable countries in Europe in terms of cybersecurity by 2025.

Miguel De Bruycker, Director of the Centre for Cybersecurity Belgium (CCB)

What sectors are we talking about?

A company falls under the NIS-2 regulations if it belongs to a critical or essential sector and is of a certain size. Note that if your company is in the supply chain of an NIS-2 company (e.g., as a supplier), your customers will also be required to question your cybersecurity. Consequently, chances are that you will also have to make additional efforts to comply with this standard.

The following sectors are considered essential or critical:
  • energy
  • transport
  • banking
  • financial market infrastructure
  • health care (reference laboratories, manufacturers of medical devices or pharmaceutical preparations and others)
  • drinking and wastewater
  • digital infrastructure and management of ICT services
  • government (central and regional)
  • aerospace, postal and courier services
  • waste management
  • chemistry
  • production and manufacture: computer, electronic and optical products; electrical equipment; machinery and equipment n.e.c.; motor vehicles, trailers and semi-trailers; other transport equipment
  • food processing and distribution
  • providers of digital services and research

What measures should you at least take?
  • risk analysis and information systems security policies
  • incident handling
  • business continuity
  • supply chain security
  • policies and procedures to assess the effectiveness of cybersecurity risk management measures
  • basic cyber hygiene practices and cybersecurity training
  • policies and procedures on the use of cryptography and, where appropriate, encryption
  • security aspects regarding personnel, access policies and asset management

How does Netcure support companies in their path to NIS-2 or ISO 27001?

This guidance program is tailored specifically for organizations that need support to be in line with the standard and/or new cybersecurity legislation.

In this process, Netcure offers advice and support on the following components:

  • scope determination
  • risk analysis
  • gap assessment
  • ISMS setup
  • business impact analysis
  • incident response plan
  • business continuity plan
  • policies & procedures
  • disaster recovery plan
  • implementation

Curious about more?

The new cybersecurity legislation or the road to ISO 27001 … At Netcure, we understand better than anyone what this entails for your business. We love to have good conversations about this and to find out what challenges you are facing. After all, we like to relieve you of your ‘cyber headaches’.

Would you like to know more about exactly what we can do for you in this?

Contact us