The Council and the European Parliament have recently agreed upon a new cybersecurity directive called NIS2, which aims to bring about “a high common level of cybersecurity across the Union”. Once implemented, it is meant to improve resilience and incident response in both the public and the private sectors.
(…) the Council and the European Parliament agreed on measures for a high common level of cybersecurity across the Union, to further improve the resilience and incident response capacities of both the public and private sector and the EU as a whole. Once adopted, the new directive, called ‘NIS2’, will replace the current directive on security of network and information systems (the NIS directive).
This comes in response to the increased level of digitalization and the growing number of cyberattacks globally.
NIS2: The New EU Cybersecurity Directive
Once adopted, the new directive has the following goals:
Stronger Risk Management and Reporting
The new directive will establish a standard for cybersecurity risk management methods and reporting obligations. This covers sectors such as digital infrastructure, energy, transport, and health.
The reporting obligations were streamlined in order to prevent over-reporting.