Do you wish to contribute? The online public consultation for the Dutch Cybersecurity and Critical Entities Resilience acts began on 21 May 2024. These legislative proposals are the transposition of two European directives into national law: the Network and Information Security (NIS2) and the Critical Entities Resilience (CER) directives. These European directives aim to strengthen the physical, digital, and economic resilience against increasing threats. The consultation period extends until 2 July 2024.
At internetconsultatie.nl, anyone can make suggestions to improve the laws and regulations being prepared. The aim of the consultation is to involve the broadest range of citizens, businesses and institutions in the drafting of legislation. Reactions can be submitted between 21 May and 2 July 2024. After this period, all responses will be reviewed and the proposal will be amended if necessary.
The Cybersecurity Act
The Cybersecurity Act aims to raise the overall level of cybersecurity in the European Union. It is the successor to what is known as the Security of Network and Information Systems Act (Wbni) and introduces changes from this act. Notably, the law covers an expanded number of sectors (e.g. the government sector). Furthermore, the proposal includes additional rules on duty of care (cybersecurity measures), duty to report (incident reporting) and supervisory measures.
Want to know more about the Cybersecurity Act? Take a look at this NIS2 information sheet.
Critical Entities Resilience Act
In addition to the NIS2, the CER Directive is also being transposed. The CER Directive focuses on protecting businesses and organisations against a dynamic array of threats, such as hybrid and terrorist threats. These risks increase inter- and cross-border dependencies, and natural disasters. The CER Directive will be implemented in national legislation in the Critical Entities Resilience Act.
Want to learn more about the national Critical Entity Resilience Act? Please view this CER information brochure (in Dutch).
