This blog was originally published by Tyneso N.V.

How to be & stay NIS2 compliant without worries?

Is your company affected by the NIS2 requirement or do you provide services to an organisation which has to comply with the NIS2 guideline? In that case, your IT partner must be ISO 27001 certified to demonstrate that they work in accordance with NIS2 legislation. 

Talking NIS2

NIS2 is the successor to the original NIS directive (Network & Information Systems Directive) and represents a significant update in European cybersecurity legislation. Think of stricter security requirements and cyber incident reporting obligations in sectors such as energy, transport, banking, infrastructure, digital infrastructure and healthcare. It’s a matter of taking appropriate technical and organisational measures, together with your IT partner, to manage network and information systems risks, and report incidents to the relevant national authorities on time.

❗That’s quite a mouthful, we know, but it’s important to be aware of this. Failure to comply has serious consequences. You can be held liable under the NIS2 directive – your customers, regulators or other stakeholders can sue you for “gross negligence” when it comes to security measures. You may even be added to the government’s blacklist, which may cause serious damage to your company’s reputation.

An ISO 27001 certified IT partner is a must

There is no real NIS2 audit requirement, which adds to the uncertainty. The good news is that this issue is covered in the ISO 27001 standard. An ISO 27001 certificate is the only way to demonstrate your compliance; if there is one supplier that should earn and be able to present this certificate, it is your IT partner. Does this mean you are covered together?

Please note:

  • ISO 27001 is not a simple certification. It is a far-reaching exercise that should be supported by the entire organisation.
  • If your IT partner is not certified today, chances are they will not get it done in time, and that means you’ll have to look for another IT partner.
  • A smooth and well-prepared migration to an ISO 27001 certified partner takes 3 to 6 months on average. So, start investigating and, possibly, searching today.

Managed service provider Tyneso to the rescue – we are ISO 27001 certified

The good news? You can stop searching. We’ve got what it takes. Tyneso is one of the first Managed Service Providers in Belgium to hold the ISO 27001 version 2022 certificate. It is our proof of 100% commitment to information security, and your guarantee of complying with NIS2 legislation.

Your advantages:

  • You are certain that your IT partner meets the high-quality requirements, all of them (ISO, NIS and GDPR).
  • You can take advantage of enhanced security thanks to Tyneso’s comprehensive information security policies, which are fully documented and auditable, and enjoy the full support of our team.
  • ISO 27001 certification is obtained and maintained through a three-year continuous process in which we regularly review and improve our systems and processes.
  • Data and information security are ongoing priorities for Tyneso.
  • All these efforts serve a primary purpose: to reduce business risks and incidents for your company, both today and in the future. And that’s what peace of mind feels like.

Published by Steven Tytgat, Tyneso N.V.