NIS2: Tighter cybersecurity legislation for logistics companies… Simacan is ready!

The NIS2 directive requires companies in critical sectors to comply with stricter information security regulations. What does this mean for companies using Simacan? What actions do they need to take, and what can they expect from us? This blog outlines the key points for you.
To protect society from disruptive disturbances, governments are ensuring that organisations strengthen their cybersecurity measures. Existing legislation already set requirements for ‘digital resilience,’ but the European Network and Information Security Directive 2 (NIS2) significantly intensifies these measures.

From 2024 onwards, large organisations in critical sectors, such as energy supply, healthcare, and the food industry, are obliged to enhance the protection of their data and IT systems. They must register and are required to report all cyber incidents to the supervisory authority. Non-compliance may result in fines of up to 2% of their annual turnover.

Supply chain vulnerability

NIS2 identifies transport as one of the essential sectors: “Any major interruption in it could cause destructive ripple effects throughout society”. The supply chain consists of numerous interconnected links. These include various processes from many different systems, ranging from older, poorly secured systems to new, state-of-the-art systems with robust security. This diversity of systems creates operational vulnerabilities to cybercrime. The saying ‘You are only as strong as the weakest link’ certainly holds true here, and the high number of links further increases the vulnerability. This is particularly critical in transport operations, where privacy-sensitive and competition-sensitive information is often exchanged and must not fall into the wrong hands.

Data confidentiality and integrity are important

Companies must be able to trust that supply chain partners will handle their data carefully and that it will not be compromised – whether accidentally or on purpose. Consumers who order something online provide their address, contact details and bank details in good faith. Data availability, confidentiality and integrity are all important cornerstones for a healthy logistics business. At Simacan, we applaud the fact that NIS2 will intensify the focus on this. But what is our role, exactly?

Cybersecurity demands

Customers use our SaaS platform to optimise their transport operations, manage daily trips and facilitate stakeholder communication. In that sense, Simacan plays a pivotal role in what the government regards as an essential sector. The data shared by our customers through our platform is often confidential, can be privacy-sensitive and must be available in real time.

As Simacan, we therefore have a considerable responsibility. Needless to say, we meet the highest cybersecurity requirements expected from a cloud company like ours. Although Simacan is a medium-sized ICT company and therefore does not fall directly within the scope of the NIS2 directive, we nevertheless meet – and in fact go beyond – the requirements outlined in it.

International ISO standards

Simacan is certified in line with the ISO 27001 standard for cybersecurity & privacy. This means that we follow all procedures and take the necessary measures to meet global standards for information security, both for our internal systems and our platform. These measures relate not only to technology (e.g. identity management, encryption, firewalls, etc.), but also to our buildings, our people and our internal organisation. For example, we ensure that our employees receive regular training and updates, that they use access passes, and that they do not leave potentially sensitive information on their desks or on whiteboards.

Data centre redundancy

For our customers, whether carriers or retailers, on-time and reliable transport is a crucial part of the promise to their own customers. The systems used to control their processes and to keep customers informed may never go offline. We guarantee the availability of our platform and data to our customers based on high data centre redundancy, i.e. multiple, continuously synchronised data centres in different locations. As a result, if a calamity occurs at one of the data centres, customers never lose more than one second’s worth of data…

Cybersecurity is an ongoing task

Cybersecurity is an ongoing task. To maintain our ISO certification, we are audited annually by an authorised body. We also arrange for extensive penetration testing to be performed on our systems each year. Any detected weaknesses are addressed immediately.

In conclusion, large organisations in essential sectors will have to comply with a new cybersecurity law. To do so, they must fulfil their duty to register with the supervisory body, their duty to report, and their duty of care. In this context, you don’t need to worry about Simacan and the data entrusted to our platform by our users. When it comes to the availability, integrity, confidentiality and privacy of transport data, you are in good hands with us.
