The European Union (EU) has reached political agreement on new legislation that will impose common cybersecurity standards on critical industry organizations.
The new directive will replace the EU’s existing rules on the security of network and information systems (NIS Directive), which requires updating because “of the increasing degree of digitization and interconnectedness of our society and the rising number of cyber malicious activities at the global level.”
The NIS 2 Directive will cover medium and large organizations operating in critical sectors. These include providers of public electronic communications services, digital services, wastewater and waste management, manufacturing of critical products, postal and courier services, healthcare and public administration.
Among the provisions in the new legislation are flagging cybersecurity incidents to authorities within 24 hours, patching software vulnerabilities and preparing risk management measures.
It also aims to create stricter enforcement requirements and harmonize sanctions regimes across member states. Operators of essential services would face fines of up to 2% of annual turnover for failing to comply, while for important service providers, the maximum fine would be 1.4%.
The measures were originally proposed by the EU Commission in December 2020.
The political agreement will need to be formally approved by EU member countries and the European Parliament. Once passed, member states will need to transpose the new requirements into national law within 21 months.
Commenting on the announcement, Margrethe Vestager, executive vice-president for a Europe Fit for the Digital Age, said: “We have been working hard for digital transformation of our society. In the past months, we have put a number of building blocks in place, such as the Digital Markets Act and the Digital Services Act. Today, Member States and the European Parliament have also secured an agreement on NIS 2. This is another important breakthrough of our European digital strategy, this time to ensure that citizens and businesses are protected and trust essential services.”
Want more news? Subscribe to CPI’s free daily newsletter for more headlines and updates on antitrust developments around the world.
Featured News
T-Mobile’s Acquisition of Ka’ena Corporation Receives FCC Approval
Apr 26, 2024 by
CPI
UK Regulator Announces Two New Senior Executive Appointments
Apr 26, 2024 by
CPI
Paramount Global and Skydance Media Near Merger Deal, Eyeing CEO Change
Apr 26, 2024 by
CPI
BHP Unveils £31bn Mining Megamerger Proposal with Anglo American
Apr 25, 2024 by
nhoch@pymnts.com
ByteDance Prefers Shutdown Over Sale of TikTok Amid US Ban Threats
Apr 25, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Economics of Criminal Antitrust
Apr 19, 2024 by
CPI
Navigating Economic Expert Work in Criminal Antitrust Litigation
Apr 19, 2024 by
CPI
The Increased Importance of Economics in Cartel Cases
Apr 19, 2024 by
CPI
A Law and Economics Analysis of the Antitrust Treatment of Physician Collective Price Agreements
Apr 19, 2024 by
CPI
Information Exchange In Criminal Antitrust Cases: How Economic Testimony Can Tip The Scales
Apr 19, 2024 by
CPI