Combell receives NIS2 Essential label: extra assurance for your cloud environment

Combell receives NIS2 Essential label: extra assurance for your cloud environment

Combell has received the NIS2 Essential Approved label from the Centre for Cybersecurity Belgium (CCB). In this blog, you’ll briefly discover why this is very good news for your cloud environment and your NIS2 plans. More than ever, Combell is your trusted cloud partner.

TL;DR

Combell has obtained the NIS2 Essential label from the CCB. This confirms that our cloud environment meets the essential NIS2 requirements. For you, this means: demonstrable security, less compliance stress, and a hosting partner that has been formally assessed.In this blog, we explain what the label entails, how it relates to NIS2 and the Belgian CyberFundamentals Framework, and above all: what you concretely gain when you host your cloud environment with Combell.

Why this label matters

The NIS2 directive makes cybersecurity an absolute must for many organisations. Not only for critical sectors such as energy, telecom or healthcare, but also for many digital service providers and their suppliers.

The fact that Combell has obtained the NIS2 Essential label means that our security approach not only feels solid internally, but has also been externally validated and recognised within the Belgian NIS2 framework.

Veerle Van Hecke, Compliance & Sustainability Analytics Manager at Combell

As an IT manager or CTO, you will sooner or later be faced with questions about NIS2: from management, auditors, customers or regulators.

On our blog, we have already explained what NIS2 entails and what impact it has on companies in Belgium and on their cloud environments. This new step - obtaining the NIS2 Essential label - makes that story tangible.

What you need to know about NIS2

Assurance for IT managers

With NIS2, a vague “yes, yes, we’re doing something about security” is no longer enough. You must be able to demonstrably prove that your organisation and your suppliers have taken the appropriate measures.

A cloud partner with an NIS2 Essential label makes this much easier:

You can show management and auditors that your hosting partner has been officially assessed against NIS2 requirements.
You reduce the risk of an inadequately secured infrastructure becoming the weak link in your chain.
You save time in tenders, security questionnaires and due diligence processes.

In other words: the label is not a marketing badge, but an extra layer of assurance on top of our existing certifications.

NIS2 in Belgium in brief

NIS2 is a European directive aimed at increasing the cyber resilience of essential and important organisations.

Belgium translates this directive into national legislation and further elaborates it through the CCB’s CyberFundamentals Framework.

NIS2 imposes obligations in areas such as:

risk management and security policy
technical and organisational security measures
incident detection and reporting
business continuity and recovery
supply chain management

For many organisations, the reality is this: they use cloud solutions themselves and/or are suppliers to NIS2 entities. In both cases, the security of their hosting partner plays a key role.

Role of the CCB

The Centre for Cybersecurity Belgium is the national authority for cybersecurity. The CCB defines the criteria for the NIS2 Essential label and recognises the processes through which organisations can demonstrate that they meet those criteria.

“The fact that Combell has obtained the NIS2 Essential label means that our security approach not only feels solid internally, but has also been externally validated and recognised within the Belgian NIS2 framework,” says Veerle Van Hecke, Compliance & Sustainability Analytics Manager at Combell.

What requirements does Combell meet?

Policy and risk management

The label confirms, among other things, that Combell:

has a formal and organisation-wide cybersecurity policy
structurally applies risk management in decisions, projects and changes
has clearly defined roles and responsibilities for information security

Veerle proudly summarises: “At Combell, cybersecurity is not a standalone IT project, but an integral part of how we design, manage and continuously improve our cloud solutions.”

Technical and organisational measures

In addition, the label demonstrates that we have implemented appropriate technical and organisational measures, including:

strong access management (identity & access management, least privilege, multi-factor authentication where appropriate)
network security through segmentation, firewalls and other protection layers
data protection measures, such as encryption in transit
standardised processes for patching, hardening and change management

“These measures form the secure foundation layer of the Combell cloud,” emphasises Veerle Van Hecke. “On top of that foundation, we can implement additional controls depending on your sector, risks or compliance needs.”

Incident management and improvement

No organisation can 100% rule out that an incident may occur. What you can do, however, is ensure that you handle it quickly and professionally.

You don’t just have to say that your hosting partner is ‘secure’. You can demonstrate that this partner complies with government-defined standards and is regularly assessed.

Veerle Van Hecke, Compliance & Sustainability Analytics Manager at Combell

The NIS2 Essential label confirms that Combell:

has formal incident management processes in place
tests and evaluates these processes to ensure they work in practice
continuously works on monitoring, reporting and improving our security measures

“This means you are not relying on ‘best effort’, but on a cloud partner that knows exactly what needs to happen when something goes wrong,” says Veerle Van Hecke.

Awareness and clear responsibilities

Finally, the label also looks at the human side of security. At Combell, we invest in information security awareness, clear procedures and a culture in which employees are alert and engaged.

Veerle concludes: “For you as a customer, this means you are working with a team that truly lives and breathes security. Not just through a checklist, but in our daily operations.”

What does this mean for your organisation?

Less compliance stress

Do you work in an organisation subject to NIS2, or do you provide services to such an organisation? Then you know that auditors and customers increasingly ask for proof: certificates, processes, reports, test results.

With a cloud partner labelled NIS2 Essential, you can substantiate a significant part of that story. You can clearly demonstrate that the underlying hosting and cloud infrastructure meets strictly assessed security requirements.

Better protection and continuity

The measures behind the label have a direct impact on:

the protection of sensitive and confidential information
the availability of your applications and data
business continuity in the event of incidents

A stronger story towards management and auditors

As an IT manager or CTO, you often have to build bridges between what is technically possible and expectations “from above”.

An external recognition such as the NIS2 Essential label helps you make the conversation with management, risk & compliance or customers more concrete.

Veerle Van Hecke knows why: “You don’t just have to say that your hosting partner is ‘secure’. You can demonstrate that this partner complies with government-defined standards and is regularly assessed.”

Advantages of the Combell cloud

Local, ISO-certified data centres

Combell hosts your data in modern, highly secure data centres in the Benelux. This infrastructure is aligned with international standards such as ISO 27001 (information security) and ISO 27701 (privacy information management).

Combined with the NIS2 Essential label, this gives you multiple layers of assurance: international standards and a Belgian framework that directly aligns with NIS2.

Lees ook

NIS2: is your cloud environment ready?

Multi-layer security and backups

Our cloud solutions are built according to the principle of defence in depth. Think of:

advanced firewalls and DDoS protection
separated environments (development, test, production) where required
backups and redundancy in line with agreed RPO/RTO objectives
monitoring of critical components and proactive alerts

This reduces the risk that a single weak link will have a major impact on your business.

24/7 monitoring and support

Your cloud environment doesn’t only run during office hours. That’s why our teams monitor it 24/7, with support from experts who know your environment.

If something goes wrong, you can count on:

fast response times in line with SLA
direct assistance from specialists, not anonymous call centres
clear communication about what happened and which steps are being taken

A labelled cloud partner as a strategic advantage

When you can present a cloud partner with an NIS2 Essential label in this context, you have a clear strategic advantage. It shows that you deliberately choose a partner who:

understands and applies NIS2 requirements
has its security assessed by external parties
operates within a Belgian framework closely aligned with legislation

Discussing your cloud hosting

Topics for an initial meeting

Every organisation is different. One has a complex hybrid architecture, another mainly runs SaaS, and a third develops its own applications in the cloud. Still, there are several recurring questions we can explore together:

How relevant is NIS2 within your organisation and/or your customer portfolio?
Which systems and data are truly critical for your business?
What does your current hosting or cloud environment look like, and where are the biggest risks?
Which measures are already in place today, and where do we still see gaps?
Based on these insights, we can help you design an NIS2-ready cloud architecture with the right combination of cloud servers, managed cloud, security solutions and backup.

Based on these insights, we can help you design an NIS2-ready cloud architecture with the right combination of cloud servers, managed cloud, security solutions and backup.

How Combell can support you

With the NIS2 Essential label, we demonstrate that our foundation is robust and independently assessed. But we are happy to go one step further: together with you, we look for the solution that best fits your organisation, taking into account your sector, risks, budget and growth plans.

Would you like to know how your current environment measures up against NIS2 expectations and the CyberFundamentals Framework? Or are you at the start of a cloud migration and want to approach it in a future-proof way from day one?

Get in touch with our cloud experts and start the conversation about an NIS2-ready cloud environment tailored to your organisation.

Choose the ultra-secure Combell cloud

Related posts

The US CLOUD Act explained: how to keep your data safe and GDPR-compliant

The US CLOUD Act explained: how to keep your data safe and GDPR-compliant

  • 15 October 2025
  • Reading time: 5 min

One of the most talked-about laws affecting US cloud providers is the CLOUD Act. It compels American companies to hand over data to the US government no matter where that...

51% of companies feel increasing pressure over data location, what to do?

  • 12 August 2025
  • Reading time: 4 min

A survey by team.blue, the international hosting group behind Combell, reveals that 51% of European companies are experiencing growing concerns about where their data is stored. These concerns aren’t just...
1 in 5 companies is moving data to a local provider

1 in 5 companies is moving data to a local provider

  • 5 August 2025
  • Reading time: 4 min

According to the latest data survey by team.blue, the international group that includes Combell, 21% of European businesses, or 1 in 5, are already migrating their data to a local...