Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity

Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity


Hardening of cybersecurity

The European Parliament announced an “interim agreement” aimed at improving cybersecurity and the resilience of public and private sector entities in the European Union.

The revised directive, called “NIS2“(short for networks and information systems), is expected to replace the current cybersecurity legislation that was established in July 2016.

The renewal sets out basic rules that require companies in the energy, transportation, financial markets, health and digital infrastructure sectors to comply with risk management measures and information obligations.

Among the provisions of the new legislation are the reporting of cybersecurity incidents to the authorities within 24 hours, the application of patches to software vulnerabilities and the preparation of risk management measures to protect networks. otherwise it may incur monetary penalties.

“The directive will formally establish the European Cyber ​​Crisis Liaison Organization Network, EU-CYCLONe, which will support the coordinated management of large-scale cybersecurity incidents,” the Council of the European Union said in a statement. last week.

The development closely follows the European Commission’s plans to “detect, report, block and delete” child sexual abuse images and videos from online service providers, including messaging applications, which raises concerns that could undermine end-to-end encryption protections (E2EE). .

The draft NIS2 version explicitly states that the use of E2EE “must be reconciled with the competences of the Member States to ensure the protection of their essential interests of public safety and security, and to enable research, detection and prosecution of criminal offenses in compliance with Union law ”.

He also stressed that “Solutions for legal access to information in end-to-end encrypted communications should maintain the effectiveness of encryption to protect the privacy and security of communications, while providing an effective response to crime “.

Cyber ​​security

That said, the directive will not apply to vertical organizations such as defense, national security, public security, law enforcement, the judiciary, parliaments and central banks.

As part of the proposed agreement, the Member States of the European Union have a mandate to incorporate the provisions into their national law within 21 months of the entry into force of the Directive.

“The number, magnitude, sophistication, frequency and impact of cybersecurity incidents are increasing and pose a major threat to the functioning of the network and information systems,” the Council noted in the draft.

“Therefore, the preparation and effectiveness of cybersecurity are now more essential than ever for the proper functioning of the internal market.”





Source link

Related post

HCL Group acquires majority stake in vernacular edtech platform GUVI

HCL Group acquires majority stake in vernacular edtech platform…

IT firm HCL Group has acquired a majority stake in vernacular edtech platform GUVI that offers technical courses, the company said…
NIT Srinagar’s Torus club organises model quiz

NIT Srinagar’s Torus club organises model quiz

Torus club of NIT Srinagar is organizing a modeling competition Posted on Friday, January 7, 2022 Srinagar, January 06: Torus-design thinking…
ADA Highlights the Best Ruby on Rails Development Companies

ADA Highlights the Best Ruby on Rails Development Companies

Chained by competition rather than obsolescence, Ruby on Rails remains preferred by many web development companies” – ADA Reports! UNITED STATES,…

Leave a Reply

Your email address will not be published.