What is NIS2?
NIS2, formally known as Directive (EU) 2022/0857 and referred to as the Cybersecurity Act in the Netherlands, entails measures to ensure a high cybersecurity standard across the European Union. The objective of this law is to strengthen cybersecurity in all member states. Unlike previous legislation (NIS1), NIS2 covers a broader range of sectors and organisations, meaning that more entities must comply with cybersecurity requirements.
To determine whether your organisation must comply with NIS2, you can complete the NIS2 self-assessment NL. However, it is safe to say that any organisation in the Netherlands with more than 250 employees and those vital to Dutch society and the economy will fall under this directive. In short, it would be unusual for a Dutch company with a recruitment department not to be affected by this.
NIS2 implies that organisations must implement stricter security measures to protect their network and information systems. These measures include technical security controls, awareness programs, and incident reporting. Additionally, there will be an increased focus on the supply chain, meaning staffing agencies and brokers must demonstrate that they are attentive to all new and additional cybersecurity requirements.
A New Hot Skill and Target Audience
With the advent of the new cybersecurity act, the demand for knowledge of the NIS2 skill will increase significantly (see the explosive growth in the number of job vacancies mentioning NIS2).
The roles include:
- Cyber Security Engineer
- IT Security Consultant
- Security Analyst
- Head of Information Management
- Security Officer
- ICT Security Coordinator
- Risk Manager
This is a growing market and opportunity for recruiters and recruitment agencies. At the same time, it is also a domain where recruiters need to know much more because they are the ‘gatekeepers’ in attracting these individuals. Moreover, they also play a crucial role in keeping out cyber criminals, infiltrators, moles, and individuals with high-integrity risks. Recruiters themselves will also need to pass such tests. Besides signing the recruiter code and completing recruitment training, a Certificate of Good Conduct and screening of recruiters and those in the supply chain will increasingly become required. This creates an initial shift at the gate but will only be partially watertight.
Implications of NIS2 for Recruitment
The high demand for cyber and risk specialists will see explosive growth, leading to significant scarcity and an increase in salaries, the number of freelancers, and their hourly rates. This scarcity and the necessary screening and controls will result in longer recruitment processes and higher costs.
Everyone reading this already knew that recruitment was a severe profession. However, with the surge in fraud surrounding recruitment and now with NIS2, it is clear to everyone that professional recruitment and a robust recruitment process are crucial for keeping out individuals who jeopardise business and societal continuity, especially those who may interact with vital systems or sensitive data. Therefore, it is essential for recruitment professionals to carefully consider the specific impact of NIS2 on hiring, candidate screening, and recruitment processes, as this will vary by organisation. It depends on the sector they operate in, the scale of their IT infrastructure, and the number of cybersecurity professionals they require. Ultimately, this threat presents a significant opportunity for the profession.
Where to Start?
Are you looking to gain more insight into ensuring security in hiring and recruitment? The Masterclass on Integrity, Security, and Risk Management in Recruitment and Hiring provides in-depth knowledge and practical skills. Learn more about the masterclass by clicking the button below:
Yes, I would like to learn more