The European Commission announced the NIS2 Directive, a modernized framework based on the EU Network and Information Security Directive is effective. The commission outlined how the directive "will strengthen the cybersecurity risk management requirements that companies are obliged to comply with." The regulation includes seamless incident reporting obligations with respect to the information being reported and the timeline for reporting. EU member states are required to transpose the directive into national law over the next 21 months.
17 Jan. 2023
EU NIS2 Directive takes force
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act
