The European Commission announced the NIS2 Directive, a modernized framework based on the EU Network and Information Security Directive is effective. The commission outlined how the directive "will strengthen the cybersecurity risk management requirements that companies are obliged to comply with." The regulation includes seamless incident reporting obligations with respect to the information being reported and the timeline for reporting. EU member states are required to transpose the directive into national law over the next 21 months.
17 Jan. 2023
EU NIS2 Directive takes force
Related stories
IAPP DPC 2024: Reynders discusses GDPR enforcement harmonization, adequacy developments
US Senate subcommittee ponders accountability for AI-assisted scams
Looming challenges for the EU AI Act's Code of Practice
Tracking evolving policy paradigms in a hallmark year for AI governance
AI and patents: What qualifies as a creator