European Parliament and the Council of the European Union reached a provisional agreement on the NIS2 Directive, a modernized framework based on the EU Network and Information Security Directive. NIS2 sets out "the baseline for cybersecurity risk management measures and reporting obligations" across applicable sectors, including energy, transportation, health and digital infrastructure. The new framework has a wider scope to include medium-sized entities and streamlined incident reporting requirements. Following final approval, entities will have a 21-month compliance window once the directive enters into force.
If you want to comment on this post, you need to login.