On 17 February 2022, the second-round of trilogue negotiations commenced between the EU’s institutions on the so-called ‘NIS2’ Directive, which intends to reform the EU’s current cybersecurity rules.
Dan Whitehead of Hogan Lovells writes:
NIS2 is intended to update the existing Directive 2016/1148 (the Network and Information Security Directive (NIS1)) which took effect in May 2018. It seeks to address a number of limitations that the European Commission identified with the current framework. These included concerns about being able to adequately protect against and collectively respond to major cybersecurity incidents that affect the single market and ensuring that the rules adequately reflect the increased digitisation across sectors which provide essential services.
The final detail of NIS2 is subject to the outcome of negotiations between the EU institutions and the following is primarily based on the latest text proposed by the Council of the EU.
Read more at Engage.