EU Governments Provisionally Agree on Updated Network Security Rules
Stronger EU cybersecurity rules advanced Friday when government and European Parliament negotiators agreed provisionally to the revised network and information security directive (NIS2). If approved by European Council members and the full Parliament, the measure would set the baseline for…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
cybersecurity risk management measures and reporting obligations across several sectors, the Council said. One is digital infrastructure: The directive would apply to providers of public electronic communications services, digital services and domain name system services (see 2103220038). NIS2 introduces a size-cap rule under which all medium and large entities within the relevant sectors would be subject to the rules. Negotiators agreed on other provisions to ensure proportionality, a higher level of risk management and "clear-cut criticality criteria" for determining which enterprises are covered. The provisional accord also streamlines reporting requirements. The European Commission welcomed the political agreement, saying its next move will be a cyber-resilience act to ensure that digital products are more secure.