Digital resilience is important for the reliability and continuity of the energy supply. In 2026, several new laws and regulations will come into effect that the Digital Infrastructure Inspectorate (RDI) will supervise. Through this supervision, we contribute to a resilient energy sector and a safely connected Netherlands. Read in this news report about our key points in supervising the energy sector.
New legislation and applicable obligations
In 2026, the energy sector will face several laws regarding digital resilience. These include the Cybersecurity Act (NIS2), the Critical Entities Resilience Act (Wbni), the Netcode on Cybersecurity, and parts of the Energy Act. Not all laws apply to all organizations. Applicable rules vary per subsector.
Key points of digital resilience supervision in energy in 2026
Until the new legislation comes into effect, the RDI will continue supervision based on the Wbni. We pay extra attention to risks in supply chains. Due to further digitalization, organizations are increasingly dependent on their suppliers. Problems at one supplier can therefore affect vital energy processes. Map out risks arising from mutual dependencies and make clear agreements with suppliers.
With the introduction of the Cybersecurity Act (Cbw), registration in the national entities register (MijnNCSC.nl) becomes mandatory. Registration is necessary for supervision but is also important for your organization. Registered organizations can receive support during incidents and information about threats. The RDI supervises the completeness and accuracy of registrations.
New legislation also means that sectors will fall under RDI supervision for the first time. In 2026, we will map these sectors and the main risks. We share these insights with the sector. Sectors already under RDI supervision can also expect clarity about which laws and obligations apply and how the RDI will supervise them. This allows them to prepare well for the new requirements.