Rules requiring EU countries to meet stricter supervisory and enforcement measures and harmonise their sanctions were approved by MEPs on Thursday. The legislation, already agreed between MEPs and the Council in May, will set tighter cybersecurity obligations for risk management, reporting obligations and information sharing.
The requirements cover incident response, supply chain security, encryption and vulnerability disclosure, among other provisions. More entities and sectors will have to take measures to protect themselves. “Essential sectors” such as the energy, transport, banking, health, digital infrastructure, public administration and space sectors will be covered by the new security provisions.
Read more…
Source: European Parliament
Related:
- X gets $140 million EU fine for breaching content rules but TikTok settles
December 5, 2025
Elon Musk’s social media company X was fined 120 million euros ($140 million) by EU tech regulators on Friday for breaching online content rules, the first sanction under landmark legislation that once again drew criticism from the U.S. government. While X did not respond to an emailed request for comment, Musk replied “Bullshit” under a European ...
- International takedown of cryptocurrency fraud network laundering over EUR 700 million
December 4, 2025
The final actions in a sweeping international operation have successfully dismantled a large-scale cryptocurrency fraud and money laundering network that had laundered over EUR 700 million. Coordinated across multiple jurisdictions, these actions, carried out last month and earlier this week, mark the culmination of years of investigation and the effective disruption of a criminal operation ...
- Organised crime online: How Europol disrupts cybercrime
November 27, 2025
How does Europol target cybercrime networks? Investigate phishing-as-a-service platforms? Or help tackle child sexual exploitation? This publication, presented at the Committee on Civil Liberties, Justice and Home Affairs Ordinary (LIBE), provides a general overview on how Europol disrupts cybercrime, taking the key insights from the Internet Organised Crime Threat Assessment (IOCTA) and EU Serious and Organised ...
- European Union Agency for Cybersecurity (ENISA) becomes a Common Vulnerabilities and Exposures (CVE) Program-Root
November 20, 2025
As a Common Vulnerability and Exposure (CVE) Numbering Authority (CNA), ENISA is authorised to assign CVE Identifiers (CVE IDs) and to publish CVE Records for vulnerabilities discovered by or reported to EU CSIRTs, in line with their dedicated coordinator roles since January 2024. As Root CNA, ENISA is now expanding its role within the CVE ...
- Five major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience Bill
November 16, 2025
As the UK Government has recognized, cyber incidents—such as Jaguar Land Rover, Marks and Spencer, Royal Mail and the British Library—are costing UK businesses billions annually and causing severe disruption. The Government recognizes that cybersecurity is a critical enabler of economic growth (“we cannot have growth without stability”), and that the current laws have “fallen out ...
- Irish regulator launches investigation into X over handling of reports from users
November 12, 2025
Ireland’s media regulator has commenced a formal investigation into X over concerns about how it handles reported content. Coimisiún na Meán suspects the platform, formerly known as Twitter, may not be in compliance with its obligations under Article 20 of the Digital Services Act (DSA), which sets out rules on how complaints should be managed by ...