Hunton Andrews Kurth blog reports:
On October 28, 2021, the European Parliament’s Committee on Industry, Research and Energy adopted a draft directive on cybersecurity (“NIS2 Directive”). The NIS2 Directive will broaden the scope of the existing NIS Directive to apply to “important sectors,” such as waste management, postal services, chemicals, food, medical device manufacturers, digital providers and producers of electronics, in addition to “essential sectors.” The NIS2 Directive imposes specific cybersecurity requirements relating to incident response, supply chain security, encryption and vulnerability disclosure obligations. The NIS2 Directive also aims to establish better cooperation and information sharing between EU Member States, and create a common European vulnerability database.
Read more on Privacy & Information Security Law Blog.