EU Council adopts the NIS2 directive

2022-11-29 14:17

The new directive, called "NIS2", will replace the current directive on security of network and information systems.

NIS2 will set the baseline for cybersecurity risk management measures and reporting obligations across all sectors that are covered by the directive, such as energy, transport, health and digital infrastructure.

The revised directive aims to harmonise cybersecurity requirements and implementation of cybersecurity measures in different member states.

While under the old NIS directive member states were responsible for determining which entities would meet the criteria to qualify as operators of essential services, the new NIS2 directive introduces a size-cap rule as a general rule for identification of regulated entities.

The new directive has been aligned with sector-specific legislation, in particular the regulation on digital operational resilience for the financial sector and the directive on the resilience of critical entities, to provide legal clarity and ensure coherence between NIS2 and these acts.

The NIS2 directive will be published in the Official Journal of the European Union in the coming days and will enter into force in mid-December.

News URL

https://www.helpnetsecurity.com/2022/11/29/eu-council-adopts-the-nis2-directive/

#EU