Dutch business loses competitiveness due to unfamiliarity with NIS2

A large number of Dutch companies are at risk of losing customers or failing to meet the latest European cybersecurity. It is short notice, but if businesses immediately pull out all the stops, this threat can be reversed and become a competitive advantage.

Europese Unie

European cybersecurity directive

In October, the stringent European cybersecurity directive Network and Information Security 2 (NIS2) will come into force. This directive focuses on risks that threaten networks and information systems and could disrupt the economy and society. This includes organisations dealing with energy, transport, banking, infrastructure, financial markets, healthcare, drinking water, digital infrastructures, waste water, public services, space and management of ICT services.

Chain responsibility

As with CSRD, the European sustainability reporting system, chain responsibility applies to NIS2. If a company falls under the NIS2 directive, so do its suppliers. If they fall victim to a cyberattack and cannot deliver their products or services on time, the business continuity of their customers higher up the chain is also at risk.

Need for NIS2-Compliance

It is not as if these obligations came out of the blue. The companies concerned have had ample time to prepare for NIS2. It is difficult to explain why the Netherlands, which is so dependent on exports, has dropped stitches here. Extra worrying is that Germany and Belgium, two of the largest foreign markets for Dutch companies, took the NIS2 obligations seriously and expected this from their supply chain partners. So, NIS2 compliance needs to be put at the top of the agenda in the Netherlands to avoid losing market share. Therefore, it is wise to take the necessary steps in cooperation with a specialised management consultancy firm as soon as possible to mitigate cyber risks and sustainably strengthen one's competitive position.