Anyone processing data electronically has to take action: cybersecurity. The upcoming European legislation NIS2 tightens network and information security in essential and key sectors. The objective: to improve the resilience of Europe's digital infrastructure and improve cybersecurity.
The Network and Information Systems (NIS) Directive was introduced in 2016. Due to enlargement of the cyber threat landscape and the rapid digitisation of our society, the directive has now been tightened and expanded. The second version, NIS2, will take effect from October 2024 and is mandatory for organisations identified as critical or important to the Dutch infrastructure.
Why NIS2?
Cyberattacks are becoming increasingly complex and common. The entire digital infrastructure could be at risk and with it multiple parties within a sector. The NIS2 directive provides a more unified approach to cybersecurity within the European Union.
NIS2 places particular emphasis on security of supply chains…. This is because a security breach at one supplier can harm not only that supplier, but also all the companies with which it is connected electronically and physically.
At what point does my organisation fall under the NIS2 legislation?
Check here for more information about which companies/sectors are covered by the NIS2 legislation.
Organisations covered by NIS2 have a number of duties, namely:
- Registration requirement
- Duty of care
- Duty to report
- Monitoring
The new version expands the directive to cover a wider range of sectors considered essential to the economy and society. These include stricter requirements for the security of network and information systems, and a duty to report incidents.
NIS2 applies to your business… now what?
The action you need to take varies from one company to another and depends on the risks involved. Contact us during the Royal FloraHolland Q&A session to discuss.
What does NIS2 mean for growers and buyers?
Protection of company data — Growers process a lot of sensitive information, from cultivation data to customer information. NIS2 requires you to apply stricter security measures to protect this data from cyberattacks. One example of such measures is the use of very strong passwords.
Reliability of Services – Implementing NIS2 will improve the reliability and continuity of digital services. This means less chance of disruptions which could lead to lost production or financial losses.
Secure transactions — Buyers can be confident that their business is conducted securely and that their personal and payment details are properly protected.
Transparency and accountability — NIS2 requires companies to be more transparent about their cybersecurity measures and incidents. This gives buyers more insight and confidence in the security of the platforms they use.
Find out more about NIS2
Read more about the updated legislation at the Dutch National Cyber Security Centre.
What we are doing towards a secure digital platform
Working with Royal FloraHolland, Floriday is looking to provide users with a secure digital platform. Which is why we are investing in an environment that is resistant to attack from cybercriminals. Royal FloraHolland is therefore one of the original founders of the Greenport Cyber Resilience Centre, where we are working with the entire sector on cybersecurity. We also offer growers and buyers a Royal FloraHolland Cyber subscription free of charge, to learn more about the subject and help with tips and advice.
There is a free monthly cyber consultation session especially for members of Royal FloraHolland (second Tuesday of every month). You can sign up here.