Mark Young and Tomos Griffiths of Covington and Burling write:
In the early hours of Friday, 13 May, the European Parliament and the Council of the EU reached provisional political agreement on a new framework EU cybersecurity law, known as “NIS2”. This new law, which will replace the existing NIS Directive (which was agreed around the same time as GDPR, see here) aims to strengthen EU-wide cybersecurity protection across a broader range of sectors, including the pharmaceutical sector, medical device manufacturing, and the food sector.
We set out background on NIS2 in prior blog posts (e.g., in relation to the original proposal in late 2020, see here, and more recently when the Council of the EU adopted an updated version in December 2021). Whilst we are still waiting for the provisionally agreed text to be released, a few points are worth mentioning from this latest agreement:
Read more at InsidePrivacy.