News + Data protection + NIS directive sdl today08/04/2021 347

share close

One of the goals of the 2016 NIS Directive was to harmonize Member States’ cybersecurity protection initiatives and to boost the EU’s overall level of cybersecurity. 

Despite all the attempts to achieve this goal, there remains fragmentation standing in the way of a single European approach. 

This is undermined by increased complexity in the interplay between the NIS and other EU laws. 

On 16 December 2020, the European Commission adopted a proposal for a revised Directive (‘NIS2’).

The proposed changes include:

– Widening the scope of the current regime, bringing in new sectors such as the postal services, food, and manufacturing of certain critical products such as pharmaceuticals.

– Introducing a clear size cap (meaning all medium and large companies in the relevant sectors would be in scope) while retaining the ability to bring small, high-risk entities, in scope.

– Eliminating the current distinction between operators of essential services and digital service providers. Instead, entities would be classified based on their importance, with a different regime for those that are essential and those that are important.

– Strengthening the security requirements, providing a minimum list of basic security elements that have to be applied, and introducing more precise incident response reporting requirements.

– Addressing supply chain risk and management accountability.

– Enhancing the enforcement provisions and aiming to harmonize sanctions across the Member States.

What’s next?

While a revised NIS regime is a key part of the EU’s new cyber strategy, it will be some time before any new rules take effect. The proposal will now be subject to negotiations between the legislators (notably the Council of the EU and EU Parliament), which can take time. Once agreed and adopted Member States will then have a further 18 months to transpose it into local law.

We, at SANDLINE through CENTRALEYEZER, think that the revised NIS directive should:

  • Help improve general security.
  • Be extended to all the relevant companies with digital databases.
  • Improve and optimize the tracking solutions with dedicated tools.

That will help us to offer with our powerful CENTRALEYEZER the best services for applying the NIS directive to our customers and to be part of a safe European cyber-environment.

Written by: sdl

Rate it
Previous post