{"type":"document","data":{"complementaryZone":{"flexComponents":[{"componentType":"sectionTitle","title":"Also interesting!"},{"cards":[{"body":"Limit the impact of a cyber-attack","cardSize":"medium","cardType":"article","componentType":"articleCard","date":"2023-08-10","image":{"altTextNL":"\"\"","extension":"jpg","original":"https://assets.ing.com/m/5ea7bb912077e52a/original/SIDE-VIEW-OF-A-MAN-WORKING-IN-THE-MIRROR.jpg","transformBaseUrl":"https://assets.ing.com/transform/7997b036-5928-410a-ac3b-0469bec6d9ae/SIDE-VIEW-OF-A-MAN-WORKING-IN-THE-MIRROR","type":"image","width":6602},"link":{"url":"/en/business/news/secure-business/business-reaction-plan"},"title":"Cybersecurity reaction plan"},{"body":"Reduce risks and protect confidential company data","cardSize":"medium","cardType":"article","componentType":"articleCard","date":"2023-08-09","image":{"extension":"jpg","original":"https://assets.ing.com/m/6476ed146ead66f5/original/Startups-presentatie_Private_Banking.jpg","transformBaseUrl":"https://assets.ing.com/transform/cadf3a99-6d76-4dba-97c4-f983a535a2e8/Startups-presentatie_Private_Banking","type":"image","width":640},"link":{"url":"/en/business/news/secure-business/cyber-awareness-employees"},"title":"Cybersecurity awareness for business employees"},{"body":"Follow our cybersecurity trainings and close the door to cybercriminals","cardSize":"medium","cardType":"article","componentType":"articleCard","date":"2024-03-20","image":{"altTextDE":"\"\"","altTextEN":"\"\"","altTextFR":"\"\"","altTextNL":"\"\"","extension":"jpg","original":"https://assets.ing.com/m/6dbf2299c845b8ad/original/Silhouette-of-a-business-man-walking-along-a-passage-with-green-trees-reflecting-in-the-glass.jpg","transformBaseUrl":"https://assets.ing.com/transform/9b6efb10-8f60-41f5-bac3-5e4e15706ac1/Silhouette-of-a-business-man-walking-along-a-passage-with-green-trees-reflecting-in-the-glass","type":"image","width":5200},"link":{"url":"/en/business/news/secure-business/business-trainings"},"title":"Protect your company against cybercriminals? Yes, you can!"}],"componentType":"cards"}]},"contentType":"onecms:editorialPage","flexPageMetadata":{"afmBanner":false,"description":"Is your company subject to NIS2? What obligations are incumbent on organisations concerned by NIS2?","robotInstruction":{"noFollow":false,"noIndex":false}},"flexZone":{"flexComponents":[{"componentType":"sectionTitle","title":"What exactly does NIS2 mean?"},{"alignedImage":{"position":"left","extension":"svg","original":"https://assets.ing.com/m/2822074537bd462/original/Circle-Closed-lock-4.svg","transformBaseUrl":"https://assets.ing.com/transform/94261e2b-5ffc-49f7-90e5-de0c63ac1b76/Circle-Closed-lock-4"},"componentType":"paragraph","richBody":{"value":"<p>The NIS2 Directive is a European measure that was transposed into <a href=\"https://www.ejustice.just.fgov.be/mopdf/2024/05/17_1.pdf#page=49\">Belgian law</a> on 26 April 2024.</p><p>The goal? <strong>To strengthen and better harmonise cybersecurity throughout Europe. </strong>The directive imposes new obligations on both public and private organisations that play a crucial role in the protection of networks and information systems.</p><p> </p>"}},{"componentType":"sectionTitle","title":"Does your company have to comply with NIS2?"},{"componentType":"paragraph","richBody":{"value":"<p>Your company falls under NIS2 if you meet two conditions: the <strong>size of your organization</strong> and the <strong>sector in which you are active</strong>.</p>"}},{"componentType":"paragraph","richBody":{"value":"<table><thead><tr><th>Medium-sized companies</th><th><p>Large companies</p></th></tr></thead><tbody><tr><td><ul><li>at least 50 employees</li></ul></td><td><ul><li>at least 250 employees</li></ul></td></tr><tr><td><ul><li>annual turnover of between €10 million and €50 million</li></ul></td><td><ul><li>annual turnover of at least €50 million</li></ul></td></tr><tr><td><ul><li>or an annual balance sheet total of between €10 million and €43 million</li></ul></td><td><ul><li>or an annual balance sheet total of at least €43 million</li></ul></td></tr></tbody></table>"},"title":"1. Size"},{"componentType":"paragraph","richBody":{"value":"<p>Your company must also be active in one of the (very) critical sectors, such as:</p><table><thead><tr><th><p>Highly critical sectors</p></th><th><p>Critical sectors</p></th></tr></thead><tbody><tr><td><ul><li>Energy</li><li>Transport</li><li>The banking sector and financial market infrastructures</li><li>Heathcare</li><li>Drinking water and waste water</li><li>Digital infrastructures</li><li>Etc.</li></ul></td><td><ul><li>Postal and shipping services</li><li>Waste management</li><li>The production and distribution of chemicals</li><li>Etc.</li></ul></td></tr></tbody></table><p>Not sure if your company falls under NIS2? The <strong>Centre for Cybersecurity Belgium </strong>(CCB) has <a href=\"https://atwork.safeonweb.be/tools-resources/nis-2-quickstart-guide\">a handy tool</a> to check this.</p>"},"title":"2. Business sector"},{"componentType":"sectionTitle","title":"Obligations for companies under NIS2"},{"componentType":"paragraph","richBody":{"value":"<p>If your company falls under NIS2, there are several obligations. For example, essential and important entities must take measures to mitigate risks in their networks and information systems. This prevents incidents from causing damage to your customers or other services.</p><p>Some important obligations include:</p><ul><li><strong>Cyber ​​hygiene and training</strong>: ensure basic cybersecurity practices and provide targeted training to your employees.</li><li><strong>Multifactor authentication</strong>: implement strong security measures such as multifactor authentication or continuous authentication.</li><li><strong>Management training</strong>: board members of essential and important entities must undergo training to identify risks and understand their impact.</li></ul>"}},{"componentType":"sectionTitle","title":"First steps for NIS2 organizations"},{"componentType":"paragraph","richBody":{"value":"<p>Whether or not your company is NIS2-compliant, cyber risks are always a concern. The best first step is to provide your management team with <strong>basic cybersecurity training</strong>. This will help them make the right choices and better understand quotes or IT proposals.</p><p>After this training, management can consult with partners to assess and, if necessary, adjust existing security measures. Don’t forget to train your employees in the latest cybersecurity practices.</p>"}},{"componentType":"sectionTitle","title":"Where can you find training courses?"},{"componentType":"paragraph","richBody":{"value":"<p>ING offers <a rel=\"noopener noreferrer\" target=\"_blank\" data-type=\"internal\" href=\"/en/business/news/secure-business/business-trainings\"><strong>unique training courses</strong></a>, developed by our best IT experts. Customers also receive <strong>a 50% discount</strong> on the following training courses:</p><ol><li><strong>Training for business leaders</strong>: basic principles of IT security.</li><li><strong>Awareness training for employees</strong>: introduce your staff to cybersecurity.</li></ol><p>During these practical training courses, intended for non-specialists, you will draw up a personal strategy and response plan, specifically aimed at your company. At the end, you will receive a knowledge certificate.</p>"}},{"componentType":"highlight","richBody":{"value":"<p>Cybersecurity doesn&apos;t have to be complicated. With a good understanding of the basics, you can quickly create an effective strategy, even on a limited budget.</p>"},"textLinks":[{"text":"Want to know more about our courses? Check out the details and register now.","url":"/en/business/news/secure-business/business-trainings"}],"title":"More information and registration"}]},"hasMacro":false,"id":"86b041f9-30d9-43fc-8d51-1656bdf9b323","localeString":"en-GB","mainHeaderZone":{"backLink":{"textLink":{"text":"Secure business","url":"/en/business/news/secure-business"}},"componentType":"editorialHeader","coreHeader":{"body":"Curious whether your company falls under the NIS2 directive? What are the obligations and where can you find the right training? We are happy to list it for you.","title":"Your company and the NIS2 Directive"},"date":"2024-11-21","readingTime":7},"publishDate":"2024-11-26T11:17:12.628+01:00"}}