The Royal Decree implementing the Law of 26 April 2024 establishing a framework for the cybersecurity of networks and information systems of general interest for public security (the "NIS2 Law") has been published in the Belgian Official journal: Moniteur belge / Belgisch Staatsblad. 

 

This Royal Decree completes the transposition of Directive (EU) 2022/2555 (NIS2) in Belgium. It designates the Centre for Cybersecurity Belgium (CCB) as the national cybersecurity authority and the national CSIRT, as well as various sectoral authorities that support the CCB in its tasks. The Royal Decree also defines the regular conformity assessment procedures (mandatory for essential entities and voluntary for non-essential entities) and the reference frameworks that can be used (CyberFundamentals or ISO/IEC 27001). Finally, the regulation defines the conditions for the approval of conformity assessment bodies (CABs). 

 

The NIS2 law, coordinated by the CCB and the Cabinet of the Prime Minister, is an important step towards making Belgium one of the least cyber-vulnerable countries in the world. 

 

To find out what NIS2 is, whether it applies to you and what your obligations are under this new legal framework, please visit our explanatory website. For more detailed information on the legislation, please visit our dedicated NIS2 page on Safeonweb@Work. 

 

This article is part of a series of articles published on the implementation of the NIS2 Directive in Belgium. The other articles on this subject can be found online.