|Author (Corporate)||European Commission: DG Communications Networks Content and Technology|
|Series Details||COM (2020) 823|
Legislative initiative tabled by the European Commission on 16 December 2020, aimed at modernising the existing legislative framework concerning cyber-security across the European Union (EU). It revises and repeals Directive (EU) 2016/1148 (NIS Directive). The proposed legislation is also known as NIS 2 Directive. This is a text with EEA relevance.
The NIS Directive was the first piece of EU-wide legislation on cybersecurity and has provided legal measures to boost the overall level of cybersecurity in the European Union. The proposed revision modernises the legal framework taking into account of the increased digitisation of the internal market and an evolving cyber security threat landscape. The proposal also addresses several weaknesses that prevented the NIS Directive from unlocking its full potential.
This initiative covers medium and large entities from more sectors based on their criticality for the economy and society. NIS 2 strengthens security requirements imposed on the companies, addresses security of supply chains and supplier relationships, streamlines reporting obligations, introduces more stringent supervisory measures for national authorities, stricter enforcement requirements and aims at harmonising sanctions regimes across Member States. The NIS 2 proposal is aimed at supporting an increase in information sharing and cooperation on cyber crisis management at national and EU level.
The proposal was tabled by the European Commission on 16 December 2020, as part of a package which also includes a new EU Cybersecurity Strategy.
|Subject Categories||Internal Markets, Justice and Home Affairs, Security and Defence|
|Subject Tags||Cybersecurity | Cyber-security, Risk | Crisis Management|
|Keywords||Data Privacy | Protection
|International Organisations||European Union [EU]|