On 16 March 2026, EAN hosted a webinar titled “NIS2 and Social Services – Experiences from EAN Member States.” The event brought together experts and practitioners to discuss the implications of the EU NIS2 Directive for organisations providing health and social care services.

The webinar offered perspectives from several European countries. Richard Plug (Z-CERT, Netherlands) presented the Dutch approach to cybersecurity in healthcare and the role of sector-specific CSIRTs supporting organisations in managing cyber threats. Miroslav Kvapil (Lexnova, Czech Republic) shared practical insights into the implementation of NIS2 in the Czech social services sector and highlighted the growing responsibility of management for cybersecurity governance.

Further contributions from France and Austria illustrated how different national systems are approaching the directive and what challenges social service providers face when strengthening their digital resilience.

A key takeaway from the discussion was that cybersecurity should not be seen only as a technical issue but as part of organisational governance and risk management, especially for providers delivering essential services to vulnerable populations.

The presentations from the webinar are available in a single PDF file below.

Download the presentations (PDF)