|Author (Corporate)||Council of the European Union, European Parliament|
|Series Title||Official Journal of the European Union|
|Series Details||L 194, Pages 1-30|
Directive (EU) 2016/1148 - adopted by the co-legislators on 6 July 2016 - setting out a number of measures aimed at boosting the level of security of network and information systems (NIS) to secure services vital to the economy and society across the European Union (EU). It is also known as NIS Directive.
The Directive proposes a set of measures to enhance the level of security of network and information systems. It aims to ensure that EU Member States are well-prepared and are ready to handle and respond to cyberattacks through:
It also establishes EU-level cooperation both at strategic and technical level. Lastly, it introduces the obligation on essential-services providers and digital service providers to take the appropriate security measures and to notify the relevant national authorities about serious incidents.
The proposal for this Directive was tabled by the European Commission on 7 February 2013, alongside a Joint Communication on a European Cybersecurity Strategy. The European Parliament adopted its negotiating position in March 2014. The trilogue negotiations faced challenges and were re-launched in March 2015. A breakthrough was found in June and an informal agreement between the co-legislators on a compromise text was announced in December 2015. The Council of the European Union formally backed that text on 17 May 2016, followed by the European Parliament on 5 July. The co-legislators signed the Act on 6 July 2016, which was published in the Official Journal on 19 July 2016. The Directive entered into force in August 2016 as the first horizontal EU cybersecurity legal act.
|Subject Categories||Justice and Home Affairs, Security and Defence|
|Subject Tags||Cybersecurity | Cyber-security|
|International Organisations||European Union [EU]|