Cybersecurity in the EU – Why we need NIS2 and what changes does it mean for the tech sector?

Cybersecurity is one of the European Commission’s top priorities and a cornerstone of the digital and connected Europe. An increase of cyber attacks during the COVID crisis has shown how important it is to protect hospitals, research centres and other critical infrastructure.

According to the Commission, the review of the Directive on Security of Network and Information Systems (NIS2) is an essential step towards a more resilient Europe, ensuring state-of-the-art risk management of current and emerging cyber threats to vital sectors of the EU economy and society. Margrethe Vestager, Executive Vice-President for a Europe Fit for the Digital Age, said: “The digital transformation is accelerating, but can only succeed if people and businesses can trust that the connected products and services – on which they rely – are secure.”

Increased cybercrime activity has an even greater impact when it becomes the vector to large-scale operations, such as ransomware attacks against critical infrastructures. The shutdowns of Ireland’s health service in June 2021, and the recent paralysis of local administration in the Belgian city of Liege are only the latest examples.

The new text aims to address several shortcomings of the NIS1 Directive. It categorises companies into ‘essential’ and ‘important’ based on the criticality of their services and subjects the two categories to different supervisory regimes. The NIS2 proposal covers new services, such as the manufacturing of pharmaceuticals, medical devices and chemicals, the food sector, wastewater and waste management, postal and courier services as well as public administration.

Digital infrastructure, such as internet exchange point providers, top-level domain name registries, and cloud and data centre providers would be considered ‘essential’ entities. Online marketplaces, search engines, providers of social networking and services platforms would be labelled as ‘important’ entities.

Listen to the full event here:

Cybersecurity in the EU – Why we need NIS2 and what changes does it mean for the tech sector?

>> Click here for more information about the event.

>> Click here to check out our upcoming event

Subscribe to our newsletters

Subscribe