The European Union (EU) has reached political agreement on new legislation that will impose common cybersecurity standards on critical industry organizations.
The new directive will replace the EU’s existing rules on the security of network and information systems (NIS Directive), which requires updating because “of the increasing degree of digitization and interconnectedness of our society and the rising number of cyber malicious activities at the global level.”
The NIS 2 Directive will cover medium and large organizations operating in critical sectors. These include providers of public electronic communications services, digital services, wastewater and waste management, manufacturing of critical products, postal and courier services, healthcare and public administration.
Among the provisions in the new legislation are flagging cybersecurity incidents to authorities within 24 hours, patching software vulnerabilities and preparing risk management measures.
It also aims to create stricter enforcement requirements and harmonize sanctions regimes across member states. Operators of essential services would face fines of up to 2% of annual turnover for failing to comply, while for important service providers, the maximum fine would be 1.4%.
The measures were originally proposed by the EU Commission in December 2020.
The political agreement will need to be formally approved by EU member countries and the European Parliament. Once passed, member states will need to transpose the new requirements into national law within 21 months.
Commenting on the announcement, Margrethe Vestager, executive vice-president for a Europe Fit for the Digital Age, said: “We have been working hard for digital transformation of our society. In the past months, we have put a number of building blocks in place, such as the Digital Markets Act and the Digital Services Act. Today, Member States and the European Parliament have also secured an agreement on NIS 2. This is another important breakthrough of our European digital strategy, this time to ensure that citizens and businesses are protected and trust essential services.”
Want more news? Subscribe to CPI’s free daily newsletter for more headlines and updates on antitrust developments around the world.
Featured News
EU Extends Support for Farms and Fisheries Amid Market Disruptions
May 5, 2024 by
CPI
Sony and Apollo Bid $26 Billion for Paramount Acquisition
May 5, 2024 by
CPI
Goldman Sachs Resolves Decade-Old Metal-Rigging Class Action Lawsuit
May 5, 2024 by
CPI
Italian Antitrust Ruling Puts Halt on Intesa Sanpaolo’s Fintech Ambitions
May 5, 2024 by
CPI
Google Antitrust Case: Closing Arguments Conclude
May 5, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Economics of Criminal Antitrust
Apr 19, 2024 by
CPI
Navigating Economic Expert Work in Criminal Antitrust Litigation
Apr 19, 2024 by
CPI
The Increased Importance of Economics in Cartel Cases
Apr 19, 2024 by
CPI
A Law and Economics Analysis of the Antitrust Treatment of Physician Collective Price Agreements
Apr 19, 2024 by
CPI
Information Exchange In Criminal Antitrust Cases: How Economic Testimony Can Tip The Scales
Apr 19, 2024 by
CPI