EU Governments Provisionally Agree on Updated Network Security Rules
Stronger EU cybersecurity rules advanced Friday when government and European Parliament negotiators agreed provisionally to the revised network and information security directive (NIS2). If approved by European Council members and the full Parliament, the measure would set the baseline for…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
cybersecurity risk management measures and reporting obligations across several sectors, the Council said. One is digital infrastructure: The directive would apply to providers of public electronic communications services, digital services and domain name system services (see 2103220038). NIS2 introduces a size-cap rule under which all medium and large entities within the relevant sectors would be subject to the rules. Negotiators agreed on other provisions to ensure proportionality, a higher level of risk management and "clear-cut criticality criteria" for determining which enterprises are covered. The provisional accord also streamlines reporting requirements. The European Commission welcomed the political agreement, saying its next move will be a cyber-resilience act to ensure that digital products are more secure.