As of November 9, 2018, the Network and Information Systems Security Act (Wbni) is in effect. The Wbni aims to increase the digital resilience of the Netherlands, and in particular vital providers, the rijksoverheid and digital service providers. The law does this by obliging providers of essential services (AEDs) and digital service providers (DSPs) to take measures to secure their ICT against incidents (the so-called duty of care). There is also a duty to report serious incidents. The law thus aims to limit the consequences of cyber incidents among these groups and thus also prevent social disruption.
More unity in policy
The Wbni follows the European Union's NIB Directive, which is intended to ensure more unity in policy on network and information security. Because of the substantive connection and overlap with the Data Processing and Obligation to Report Cybersecurity Act (Wgmc), that too has been incorporated into the Wbni, without substantive changes.
Network and Information Systems Security Decree
Along with the Wbni, the Network and Information Systems Security Decree (Bbni) will also enter into force on November 9, 2018. Among other things, the Bbni designates the vital providers that fall within the scope of the obligations of the Wbni.
Click on the link below to view the Network and Information Systems Security Act (Wbni).
source: NCSC
