The European Union is set to introduce significant upgrades to its bloc-wide cybersecurity framework through the implementation of the Network and Information Security Directive 2 (NIS 2.0). This new policy expands upon the original NIS Directive, aiming to enhance cybersecurity capabilities and resilience across the EU. NIS 2.0 introduces stricter incident reporting requirements, mandating organizations to report cyber breaches and attacks within 24 hours.
NIS 2.0 extends coverage to critical infrastructure sectors such as energy systems, healthcare networks, and transportation services.
The establishment of the European Cyber Crises Liaison Organisation Network (EU-CyCLONe) aims to facilitate cooperation among national authorities for coordinated responses to major cyber attacks.
The EU's goal is to enhance security measures and promote collective action against cyber threats, creating a safer environment for businesses, governments, and society.
NIS 2.0 is expected to take effect in the coming weeks, with member states given 21 months to incorporate the new provisions into their national legislation. The EU is already conducting large-scale cyber attack simulations to enhance readiness and response capabilities.
EU Upgrades Cybersecurity Law