New rules to boost cybersecurity of EU’s critical entities and networks

The European Commission has recently adopted the first implementing rules on cybersecurity of critical entities and networks (under the Directive on measures for high common level of cybersecurity across the Union – NIS2 Directive), another major step in boosting the cyber resilience of Europe’s critical digital infrastructure.

This regulation will apply to specific categories of companies providing infrastructures and services, such as cloud computing service providers, data centre service providers, to name a few. It details cybersecurity risk management measures, and for each category of service providers, when an incident is considered significant, to whom and in which timeframe it needs to be reported.

The adoption of the regulation coincides with the deadline (18 October 2024) for EU Member States to transpose the NIS2 Directive into national law.

Source: The full press release was published here