
The European Union introduced the NIS2 Directive to strengthen the resilience of organizations that provide vital services, such as energy, transportation and healthcare. This directive establishes rules to ensure that these companies are well protected against cyber attacks. EU member states must implement this directive in the second half of this year, and it will then apply to these companies from Oct. 17. In the Netherlands, the directive will be implemented as the Cyber Security Act (Cbw), which is expected to take effect in 2025. Companies that fail to comply risk significant fines. Want to know if your company needs to be compliant?
Click here to check with the government's self-assessment tool.
Companies that provide Essential or Key Services must demonstrate compliance with the NIS2 rules as of October 2024. This means they must ensure proper security, report problems quickly, and take additional measures such as having contingency plans and regularly checking their security.
The measures a company must take depend on whether it provides Essential or Important services and on its environment. They include having systems in place that can detect and respond to threats, having contingency plans, conducting regular audits, and having policies and risk management in place. These organizations will also place requirements on their suppliers. Suppliers, mostly SMEs, will have to comply with the Basic Security Measures, and if they impact the organization's network and information systems, additional measures may also be required.
Suppliers will often fall back on the ISO 27001 standard to show they are properly secured since it covers the Basic Security Measures from the NIS2. But the standard covers a broader area and is sometimes too complex for smaller companies.
IRM360 therefore provides a number of NIS2 (Cbw) measure setups for SME suppliers as well as Essential and Key suppliers, complete with templates and links that make it easier to implement these measures and demonstrate compliance.
If you, as an SME supplier, want to demonstrate that you have things digitally in order, the NIS2 Quality Mark standards system is available in our ISMS, with three levels (QM10, QM20 and QM30). SMBs can use this to easily implement the right security measures, tailored to their organization and its risk, and have this tested via an external audit to obtain the Quality Mark. The Quality Mark offers clarity, is quick to implement and saves costs.
All required content and functionality for NIS2:
The IRM360 CyberManager software provides all the content and functionality that is needed: policy templates, incident management, business continuity, risk management, supplier assessments for the chain, risk awareness (E-Learnings and Phishing simulations) for all employees and for management and board, and audit and controls.
With our software, companies can instantly see where they stand on NIS2 rules, whether you are an Essential or Major organization or an SME organization.
You can easily extend the environment to comply with the ISO 27001 standard. Other EU directives, regulations and standards are also available such as the Digital Operational Resilience Act (DORA), BIO, NEN7510, IEC 62443, CSIR, ISO 27701, BC 5701 or, for example, the ISO 42001 for the Artificial Intelligence Management System. The CyberManager supports more than 40 other frameworks and standards.
Moving on or integrating with ISO 27001?
The IRM360 NIS2 measures are designed to also activate an ISO 27001 dashboard if desired, so you don't have to redo any work. You then only need to focus on the additional measures and standards requirements. This is scalable, and you can do it when you are ready.
Do you already have the CyberManager?
If you already have the CyberManager in use, you can easily add the NIS2 dashboard to your existing standards set and link it to your existing measures. The NIS2 dashboard then becomes active immediately.
With IRM360 you are assured of a secure and compliant future in a scalable, practical and cost-efficient way.
With our other management systems for Privacy, Business Continuity, Artificial Intelligence and Risk Awareness, among others, you can easily expand your control at your own pace.
Contact us today for more information or request an online demo of our software.
Click here to request an online demo.
We are happy to get in touch.
Mail to: sales@irm360.nl or fill in the contact form.