Cyber4Z in short

Cyber4Z started in 2015 with two specialists experienced in the cybersecurity domain. We now have a team with various capabilities in the field of strategic and tactical design of cyber security, IT, Privacy and Blockchain technology.

In addition, we are involved in technical and tactical implementations of complex security challenges that focus on the acceptance of new technologies in a pragmatic way. With our expertise and experience, we can guarantee the business objectives of our clients. These are widely determined by laws and regulations, customer requirements and rules of compliance.

  • Predict

  • Prevent

  • Detect

  • Respond

  • Remediate

Who are we?

Our team consists of certified professionals. Quality is our top priority. The technical and tactical implementations we deliver from the strategic design can be externally certified against the ISO9001, ISO27001, NEN7510 or other standards. Therewith we can have our quality tested externally as well. In addition, we provide operational knowledge when it comes to technical security assessments such as penetration tests, project management, SOC / SIEM propositions with connecting services such as log management, vulnerability and compliance management, patch management, training in the field of privacy, security and blockchain technology.

More about Cyber4Z

Our clients

Monthly Cybernote: February 2024

Delay in NIS2 implementation by the Netherlands officially announced

The House of Representatives has published a letter regarding the latest status of the implementation of NIS2 and CER guidelines. This article contains the most important points from the letter and the consequences for the Dutch government, enforcement and Dutch organizations that fall within the scope of the guidelines.

The Dutch letter can be found here.

The document discusses the implementation of the NIS2 and CER guidelines in the Netherlands. The NIS2 guideline replaces the NIS1 guideline and focuses on network and information security, while the CER guideline focuses on the resilience of critical entities. The implementation process is complex and requires precision, especially because of the impact on the public and private sectors. The transposition into national law is taking longer than expected, which means that the European Commission's deadline of October 17, 2024 will most likely not be met. For the time being, there is now consultation on the draft legislation for the summer of 2024.

Failure to meet the deadline for the implementation of the NIS2 and CER guidelines in Dutch legislation is largely due to the complexity and scope of these European regulations. This complexity requires careful coordination and integration with existing national laws and regulations. Moreover, the implementation requires thorough preparation and cooperation between various government bodies and private sector parties. These factors contribute to the delay in the legislative process, meaning that the set deadline may not be achievable. Despite the fact that most other European countries manage to meet the deadline, the Dutch government is now looking at alternatives and consequences.

What should companies do now?

It is recommended that organizations do not wait for the new legislation, but take preparatory measures. Some organizations already have obligations under current legislation. The NCSC recently indicated in an online meeting that implementing the well-known cybersecurity frameworks, such as ISO 27001 and NIST, ensures that organizations meet 99% of the requirements set out in the guidelines.

Normally, enforcement depends on the formal implementation of the guidelines into national legislation. If the Netherlands does not meet the deadline, this could mean that enforcement will be postponed until the legislation is formally adopted and takes effect. Until then, current regulations and enforcement practices will continue to apply. However, as written above, organizations are recommended to prepare for the upcoming changes.