Proposal for a Directive on measures for a high common level of cybersecurity across the Union

Author (Corporate)	European Commission: DG Communications Networks Content and Technology
Series Details	COM (2020) 823
Publication Date	16/12/2020
Content Type	Policy-making
	Summary: Legislative initiative tabled by the European Commission on 16 December 2020, aimed at modernising the existing legislative framework concerning cyber-security across the European Union (EU). It revises and repeals Directive (EU) 2016/1148 (NIS Directive). The proposed legislation is also known as NIS 2 Directive. This is a text with EEA relevance. Further information: The NIS Directive was the first piece of EU-wide legislation on cybersecurity and has provided legal measures to boost the overall level of cybersecurity in the European Union. The proposed revision modernises the legal framework taking into account of the increased digitisation of the internal market and an evolving cyber security threat landscape. The proposal also addresses several weaknesses that prevented the NIS Directive from unlocking its full potential. This initiative covers medium and large entities from more sectors based on their criticality for the economy and society. NIS 2 strengthens security requirements imposed on the companies, addresses security of supply chains and supplier relationships, streamlines reporting obligations, introduces more stringent supervisory measures for national authorities, stricter enforcement requirements and aims at harmonising sanctions regimes across Member States. The NIS 2 proposal is aimed at supporting an increase in information sharing and cooperation on cyber crisis management at national and EU level. The proposal was tabled by the European Commission on 16 December 2020, as part of a package which also includes a new EU Cybersecurity Strategy.
Source Link	Primary Source https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=COM:2020:823:FIN
Related Link(s)	Commentary and Analysis EPRS: Briefing, February 2021: Improving the common level of cybersecurity across the EU (Initial Appraisal of a European Commission Impact Assessment) https://www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_BRI(2021)662606 EPRS: Briefing, February 2021: The NIS2 Directive: A high common level of cybersecurity in the EU https://www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_BRI(2021)689333 Official EUR-LEX: SWD(2020)344: Staff Working Document accompanying the Proposal - Executive Summary of the Impact Assessment https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=SWD:2020:344:FIN EUR-LEX: SWD(2020)345: Staff Working Document accompanying the Proposal - Impact Assessment https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=SWD:2020:345:FIN European Commission: Digital Single Market: Cybersecurity https://ec.europa.eu/digital-single-market/en/cybersecurity European Commission: News, 16/12/2020: Proposal for directive on measures for high common level of cybersecurity across the Union https://ec.europa.eu/digital-single-market/en/news/proposal-directive-measures-high-common-level-cybersecurity-across-union European Commission: Press Release, 16/12/2020: New EU Cybersecurity Strategy and new rules to make physical and digital critical entities more resilient https://ec.europa.eu/commission/presscorner/detail/en/IP_20_2391 European Commission: New EU Cybersecurity Strategy and new rules to make physical and digital critical entities more resilient – Questions and Answers https://ec.europa.eu/commission/presscorner/detail/en/qanda_20_2392 European Commission: Opening remarks by Vice-President Margaritis Schinas at the press conference on the cybersecurity strategy https://ec.europa.eu/commission/presscorner/detail/en/speech_20_2460
Subject Categories	Internal Markets, Justice and Home Affairs, Security and Defence
Subject Tags	Cybersecurity \| Cyber-security, Risk \| Crisis Management
Keywords	Data Privacy \| Protection
International Organisations	European Union [EU]