EU Council adopts cybersecurity directive – new rules on security requirements and incident reporting

Cybersecurity Law Alert

The Council of the European Union, which comprises representatives of the member states’ national governments, this week formally adopted the Network and Information Security Directive.

The NIS Directive will increase the security of network and information systems across the EU and includes a new incident notification regime for affected businesses. Its entry into force will give affected businesses further impetus to kick-start internal assessments to ensure that their network and information security practices are well documented and effective.

The final stage for the NIS Directive is endorsement from the Parliament, which is expected imminently. Thereafter, it should become effective EU law in August of this year, giving member states 21 months to adopt the necessary national provisions.

Find out more.

For further information, please get in touch with your DLA Piper contact or email us at [email protected]