Question 1

Does my organisation fall under the Belgian NIS2 law?

Accepted Answer

The Belgian NIS2 law (26 April 2024) applies to medium and large organisations in 18 critical sectors (Annex I and II), plus certain entities regardless of size (telecom providers, trust services, TLD registries, DNS providers, sole providers of essential services). Use this free assessment tool to check your scope.

Question 2

What is the difference between essential and important entities under NIS2?

Accepted Answer

Essential entities are large organisations in Annex I (highly critical) sectors, plus specific entity types regardless of size. Important entities are all other in-scope organisations. Essential entities face stricter supervision, higher fines (up to €10M or 2% of turnover), and must achieve CyFun ESSENTIAL certification.

Question 3

What are the NIS2 compliance deadlines in Belgium?

Accepted Answer

Key deadlines: registration for digital sectors by 18 December 2024, all other sectors by 18 March 2025, essential entities must reach BASIC/IMPORTANT CyFun level by 18 April 2026, and full certification at required level by 18 April 2027.

Belgian NIS2 Law
Scope Assessment

Scope Assessment

Classification

Obligations & Deadlines

CyFun & ISO 27001

Belgian NIS2 LawScope Assessment

Scope Assessment

Classification

Obligations & Deadlines

CyFun & ISO 27001

Belgian NIS2 Law
Scope Assessment