EU Adopts New Cybersecurity Rules

    Jun 03, 2016

    Digital service providers and companies in critical sectors of the economy will be required to notify authorities of cyber attacks as part of new rules to beef up the security of network and information systems across the European Union (EU) and adopted by the European Council on May 17.

    The Network and Information Security (NIS) Directive imposes five requirements on member states in an effort to increase cybersecurity cooperation. It:

    1. Requires the adoption of a national strategy on the security of network and information systems
    2. Creates a cooperation group to support and facilitate strategic cooperation and the exchange of information
    3. Establishes a computer security incident response teams network to contribute to the development of trust and confidence between member states and to promote swift and effective operational cooperation
    4. Establishes security and notification requirements for operators of essential services and for digital service providers
    5. Imposes obligations for member states to designate national competent authorities

    According to the directive, the existing capabilities of EU member states are not sufficient to ensure the effective protection of network and information systems within the EU.

    “Member States have very different levels of preparedness, which has led to fragmented approaches across the Union,” the directive states. “This results in an unequal level of protection of consumers and businesses, and undermines the overall level of security of network and information systems within the Union.”  

    If the European Parliament approves the directive at its next plenary session, it will enter into force in August 2016. Member states will then have 21 months to adopt the necessary national provisions and then six months to identify operators of essential services.  

    The online Global Policy Brief is intended to help you stay current on international news and events. Further information about the issue is accessed by clicking on the link provided at the end of each summary.

    Want to sign up to receive an email version of the Global Policy Brief? It's free! Just tell us a little about yourself and you'll receive a monthly dose of the latest in legislation, regulation, and more.

    © 2017, ARMA International