European Parliament and the Council of the European Union reached a provisional agreement on the NIS2 Directive, a modernized framework based on the EU Network and Information Security Directive. NIS2 sets out "the baseline for cybersecurity risk management measures and reporting obligations" across applicable sectors, including energy, transportation, health and digital infrastructure. The new framework has a wider scope to include medium-sized entities and streamlined incident reporting requirements. Following final approval, entities will have a 21-month compliance window once the directive enters into force.
EU institutions reach provisional agreement on cybersecurity directive
RELATED STORIES
What to know about the new Canadian government PIA standard
Notes from the IAPP Canada: 'The Debaters' battle it out over privacy
A view from DC: What does a second Trump presidency mean for privacy, AI governance?
A view from Brussels: Global Privacy Assembly explores the 'Power of i'
What the US election results may mean for digital policy
