Europe has moved closer toward new cybersecurity standards and reporting rules following a provisional network and information systems agreement dubbed NIS2 by the European Council and Parliament.
Once approved, NIS2 will replace the current Directive on Security of Network and Information Systems, aka NIS, which was adopted in 2016. The new directive sets more stringent requirements — and possible sanctions, including fines — for a larger number of sectors that must comply with the computer security rules.
It also aims to eliminate “the wide divergences” among EU member states’ risk management and security reporting rules by establishing uniform criteria for assessing, reporting on, and taking steps to reduce cyber risk.
Source: The Register