EU NIS2 Directive

Thank you for joining our webinar on Tuesday 23 May with the topic EU NIS2 Directive: Taking EU cybersecurity maturity to the next level.

After two years of EU trilogue, the updated version of EU NIS Directive (NIS2) was formally issued on 27 December 2022. NIS2 is part of the EU’s response to rising cyber threats and challenges encountered during NIS1’s implementation. Its prime objectives include enhancing collaboration among EU Members States and achieving a higher level of consistency in cybersecurity across the EU.

NIS2 imposes stricter cybersecurity risk management controls and stringent reporting obligations on organizations falling under specific economic sectors. Such organizations are referred to as Essential and Important Entities (EIEs).

EU Members States, including Belgium, have 18 months to transpose it into national legislation. It is expected that impacted organizations will have to comply with the law transposing the new EU Directive by early 2025.

This means that organizations falling under scope of NIS2 need to start preparing early to avoid last minute rush. Early preparations include identifying expected efforts and associated timelines to adjust current internal practices and processes to adhere to the new requirements.

Our experts, Hussain Ahmed and Benoit Watteyne from Cyber and Privacy practice at KPMG Belgium informed you through the new obligations under NIS2 directive along with key takeaways below and lessons learnt from supporting organizations, falling under scope, with their journey of compliance with NIS requirements.

• EU NIS2 directive transposition in Belgium into a local law is on-going and Belgian competent authorities are putting in place the modalities for compliance with underlying EU NIS2 directive requirements.
• Companies and organizations need to do a self-assessment in order to assess if they fall under scope of the new directive and if so, whether they are to be deemed as essential or important entities in order to register themselves once it is time to do so.
• KPMG supports clients falling under scope with their journey of compliance with NIS2 requirements. This includes conducting a NIS2 gap assessment and developing and implementing a NIS2 cybersecurity roadmap.

Please select your preferred topic(s) by clicking on the corresponding video(s). Should you have any further questions or comments, do not hesitate to reach out to our experts.