The Council of the European Union (EU) has adopted a new cybersecurity directive designed to improve resilience and incident response capacities across the EU, replacing NIS, the current directive on the security of network and information systems.
The new directive, NIS2, will set the baseline for cybersecurity risk management measures and reporting obligations across sectors and aims to harmonize cybersecurity requirements and implementation of measures in different member states.
NIS2 enhances EU incident management cooperation
“NIS2 will set the baseline for cybersecurity risk management measures and reporting obligations across all sectors that are covered by the directive, such as energy, transport, health and digital infrastructure,” read an EU Council press release.
The revised directive aims to harmonize cybersecurity requirements and measures across member states by establishing minimum rules for a regulatory framework and laying down mechanisms for effective cooperation among relevant authorities, it added. “It updates the list of sectors and activities subject to cybersecurity obligations and provides for remedies and sanctions to…
