The Council and the European Parliament have agreed on a new directive to improve the resilience and responsiveness of European entities to cyber security incidents.
Indeed, on May 13th, 2022, the two European institutions issued a joint statement outlining a new agreement (NIS 2, Network and Information Security) on measures to ensure a high level of cybersecurity throughout the EU.
Addressing Europe’s growing exposure to cyber threats
This new version of the NIS directive will allow for an update of the list of sectors and activities covered. It also provides for « remedies and sanctions to ensure its proper implementation ». The idea is that all Member States should be on the same level of protection, by setting minimum rules for regulation and strengthening the mechanisms for effective cooperation between the competent national authorities. The NIS 2 Directive will thus form the foundation for cybersecurity risk management measures and reporting obligations across all sectors covered by the Directive, including energy, transportation, health, and digital infrastructure.
According to the press release of the Council and the European Parliament, « the revised directive contributes to the reduction of divergences in cybersecurity requirements ».
The text should also allow the establishment of the European Cyber Crisis Preparedness and Management Network (EU-CyCLONe).
An important step towards an improved common EU cybersecurity strategy
« We have worked tirelessly on the digital transformation of our society. Over the last few months, we have put in place a number of key elements, such as the Digital Markets Act and the Digital Services Act. And today, the Member States and the European Parliament have reached an agreement on the NIS 2 Directive, which is another important step forward in our European Digital Agenda, ensuring that citizens and businesses are protected and have more confidence in essential services. » stated Margrethe Vestager, European Commissioner for Competition and expert on digital issues.
Cimino, Valentin. “Cybersécurité : Le Conseil Et Le Parlement Européen S’accordent Sur Une Nouvelle Directive.” Siècle Digital, 16 May 2022, https://siecledigital.fr/2022/05/16/cybersecurite-le-conseil-et-le-parlement-europeen-saccordent-sur-une-nouvelle-directive/?utm_source=Newsletter%2BSiecle%2BDigital&utm_campaign=2e79bf5ca5-newsletter_quotidienne&utm_medium=email&utm_term=0_3b73bad11a-2e79bf5ca5-259573973.
“Renforcer La Cybersécurité Et La Résilience à L’échelle De L’ue – Accord Provisoire Du Conseil Et Du Parlement Européen.” Consilium, 13 May 2022, https://www.consilium.europa.eu/fr/press/press-releases/2022/05/13/renforcer-la-cybersecurite-et-la-resilience-a-l-echelle-de-l-ue-accord-provisoire-du-conseil-et-du-parlement-europeen/.