The European Parliament and EU member states agreed on stricter cybersecurity measures for entities belonging to critical sectors.
Following the first directive known as NIS, the implemented cybersecurity rules had to be updated due to the increase in cyber malicious activities and rising digitalization of all spheres of our lives.
The revised strategy oversees medium and large entities belonging to “critical sectors,” including providers of public electronic communications services, digital services, waste water and waste management, manufacturing of critical products, postal and courier services, and public administration, both at central and regional level.
“This is another important breakthrough of our European digital strategy, this time to ensure that citizens and businesses are protected and trust essential services,” Margrethe Vestager, Executive Vice-President for a Europe Fit for the Digital Age, commented.
The NIS 2 Directive also covers the healthcare sector, paying particular attention to securing the industry from threats that appeared following the COVID-19 pandemic.
“Cybersecurity was always essential to shield our economy and our society against cyber threats; it is becoming critical as we are moving further in the digital transition. The current geopolitical context makes it even more urgent for the EU to ensure that its legal framework is fit for purpose,” Margaritis Schinas, Vice-President for Promoting our European Way of Life, said.
Additionally, the directive will hold top management accountable for non-compliance and will strive for harmonising sanctions regimes across the union.
“Cyber threats have become bolder and more complex. It was imperative to adapt our security framework to the new realities and to make sure our citizens and infrastructures are protected. In today’s cybersecurity landscape, cooperation and rapid information sharing are of paramount importance,” Thierry Breton, Commissioner for the Internal Market, noted.
Breton furtherly suggested that the agreement will be complemented by the upcoming Cyber Resilience Act, aimed at establishing cybersecurity requirements covering digital products and their services.
More from Cybernews:
Home working scams on the rise, watchdog warns
Ukrainian sent to prison for making over $80,000 with stolen passwords
UK Cybersecurity Council to devise new chartered standards for the CCP scheme
Hundreds of thousands of printers were left vulnerable to hacking
Subscribe to our newsletter
