Jeffrey De Bruijn covers the three-tier NIS2 Quality Mark framework for supplier verification, mandatory board training requirements focusing on risk governance, and extended vendor negotiation timelines before legislation activates.
Netherlands organizations face NIS2 implementation with personal board liability for inadequate cybersecurity training, yet most remain unprepared for supply chain requirements. ISO 27001 certification cannot substitute for NIS2 compliance due to scope differences: ISMSs exclude processes while NIS2 demands full essential service coverage including OT environments. Supply chain provisions require continuous vendor verification beyond contract signatures, but organizations lack processes to audit thousands of suppliers effectively.
The NIS2 Quality Mark offers tiered certification enabling smaller suppliers to demonstrate compliance without expensive ISO audits, preventing supply chain paralysis.
In this session, Jeffrey De Bruijn, director of cyber security and privacy at Forvis Mazars, will cover:
- Three-tier quality mark framework providing independent verification pathways for suppliers serving critical entities;
- Mandatory board training requirements focusing on risk governance rather than technical CISO skills with regular recertification;
- Extended vendor negotiation timelines requiring early contract updates before legislation activates to avoid emergency scrambles.
Here is the course outline:
Operationalizing NIS2: Building Resilience and Earning Trust Through Compliance
Completion
The following certificates are awarded when the course is completed:
CPE Credit Certificate
