The Cybersecurity Law in the Netherlands (NIS2): What You Need to Know

The NIS2 directive is being implemented in the Netherlands as the Cybersecurity Act (Cbw). What does this mean for your organization?

What is NIS2/Cbw?

NIS2 is the revised EU directive on Network and Information Security. In the Netherlands, it is being implemented as the Cyberbeveiligingswet (Cbw).

Essential entities (critical infrastructure)

Important entities (larger companies in certain sectors)

Digital service providers

1.Risk Management: Implement comprehensive security measures

2.Reporting Obligation: Report incidents within 24 hours

3.Supply Chain Security: Security throughout the supply chain

4.Governance: Executives bear personal responsibility

Non-compliance can result in significant fines:

Up to 10 million euros

Or 2% of global annual turnover

NIS2/Cbw control framework

Risk assessment tools

Documentation templates

Compliance dashboards