In this article we discuss the recent updates surrounding NIS2 and provide practical tips to use this period effectively.

Want to learn more about how to optimally secure your cloud environment and remain compliant with increasingly stringent regulations? In our whitepaper, we provide you with in-depth insight into cloud security, including tips to minimize risks and future-proof your organization.

The implementation of NIS2 is in the Netherlands so postponed, but we do have more clarity about the content of the legislation and the impact it will have on various sectors. These are the most important updates:

The official introduction of NIS2 has been postponed to early 2025. This gives organisations some breathing space in preparing for the duty of care and reporting that the new regulations entail. But time flies and that is why it is essential that you start implementing appropriate security measures now.

The NIS2 goes beyond the original NIS Directive. Companies in sectors such as healthcare, financial services, digital infrastructure (and therefore also cloud) will also have to comply with the new regulations in 2025. For cloud providers, like Uniserver, this means that we support our partners – MSPs en ISVs – in these sectors can provide additional support with sector-specific security solutions. If MSP or ISV fall you may NOT ALLOWED itself under the NIS2, maar as your customers there yes onder fall, val you in gain framework of chain responsibility also under the rules or do you lose weight as (potential) supplier.

Corporate executives will be given more responsibility under NIS2. They can be held personally liable for serious shortcomings in cybersecurity. Even more reason to comply with the requirements. The sanctions for non-compliance are substantial: fines can amount to 10 million euros or 2% of the company's global turnover. A major wake-up call that once again emphasises the need for timely preparation. underlined.

One of the new requirements is that governments, organizations and other entities must seek more cooperation in exchanging information about cyber threats. In concrete terms, this means that organizations must implement systems that can safely and quickly share data in order to detect and mitigate attacks early.

With NIS2 postponed, it’s tempting to let things take their course. However, now is the time to invest strategically so that you are fully prepared later. But how do you use that extra time effectively? Here are some steps you can take:

The first step is to gain insight into your current situation. Through an extensive risk analysis and gap assessment, you will find out where the vulnerabilities lie in your organization. This will give you a good idea of ​​where improvements are needed to become NIS2-compliant.

The extra time gives you the space to build security into the core of your IT infrastructure. Security should not be a separate add-on, but an integral part of your infrastructure. Think about how systems and processes can be designed and implemented as securely as possible. We are happy to help you with cloud solutions that are designed with security in mind and meet the strictest standards.

An important part of NIS2 is the reporting obligation in the event of incidents. You will soon be obliged to report incidents to the supervisor within 24 hours. Therefore, make sure you have a detailed incident response plan ready to respond quickly and adequately to cyber attacks or security incidents. Also include clear protocols in the plan for how any incidents should be reported to the supervisor within the set 24 hours.

The new legislation requires continuous monitoring of networks and systems. You should not only be reactive in the unlikely event that something goes wrong, but also work proactively to detect possible threats. With proactive monitoring and detection systems, you can tackle problems at an early stage. In this way, you comply with the reporting obligation of NIS2 and at the same time minimize the damage.

We understand that the path to NIS2 compliance is not an easy one. Our expertise in sovereign cloud solutions and cybersecurity makes us the ideal partner to guide you through this process. With our years of experience, we offer solutions that not only make your infrastructure more robust and secure, but also ensure that you comply with the new regulations.

The postponement of NIS2 gives you a unique opportunity to get your cybersecurity in order before the regulations come into effect in 2025. So don't wait, but invest in the right measures. In this way, you will not only meet the new requirements, but you will also protect your organization better against cyber threats.

Whether it’s risk assessments, creating an incident response plan, or implementing ‘Security by Design’, every step you take now will make your organization stronger and more resilient. Start mapping your current situation today and make good use of the extra time to prepare. The clock is ticking and this period offers the opportunity to make the difference between stress and certainty with NIS2 in sight.

Want to know more about how we can help you? Contact us and discover how we can make your organization safer and NIS2-ready together.