The first EU-wide Legislation on Cybersecurity Approved

10 Dec 2015

The first EU-wide Legislation on Cybersecurity App...

After several years of debate, politicians in the European Parliament and European Union Council of Ministers have agreed upon EU-wide legislation aimed at improving cyber security. The Network and Information Security (NIS) Directive is set to have big implications for businesses operating across the EU.

The big effect the new directive will have on businesses is the part which states that any major service provider or operator of essential services must notify the authorities in case they suffer a cyber-attack that results in the loss of data. The directive also aims to put pressure on companies and organisations to make their cyber security robust enough to resist a cyber-attack. Failure to do so could result in hefty fines.

In its first phase the directive will apply to companies operating in the health, water supply, financial, transport and energy sectors.

"Trust and security are the very foundations of a Digital Single Market. If we want people and businesses to use and make the most of connected digital services, they need to trust them to be secure in the case of attack or failure. The internet knows no border – a problem in one country can have a knock-on effect in the rest of Europe. This is why we need EU-wide cybersecurity solutions. Last night's agreement is an important step in this direction, but we cannot stop here: we plan an ambitious partnership with the industry in the coming months to develop more secure products and services," said Andrus Ansip, European Commission Vice-President for the Digital Single Market.

The NIS Directive was first suggested in 2013, but due to political wrangling the first draft has only now been approved by ministers.

European officials believe that cybersecurity breaches cost some $280-370 billion per year. The European Parliament and member states will consider whether to approve the new rules in the coming months.

If the text is formally approved by the European Parliament and the Council it will be published in the EU Official Journal and will officially enter into force. Once in place EU Member States will then have 21 months to implement the Directive into their national laws and 6 months more to identify operators of essential services.

How Can PGI Help You Prepare?

Is your organisation prepared for the new EU legislation? If you need advice on how to get your business ready contact the experts at PGI.

PGI will be able to support in a number of ways:

Share this article

Subscribe to our Cyber Bytes Newsletter

Keep yourself in the loop with PGI by signing up to our Weekly Cyber Bytes email where you'll be receiving updates, tips and narrative around what has been happening in the world of information security.

Related News

CISMP, CISSP and CISM - what's in an acronym?

20 Mar 2017

There is a wide range of different security courses available, and a mind-boggling array of certific...

Read news article

International Womens Day - Pioneering Women in Tec...

08 Mar 2017

Pioneering Women in Technology – Katherine JohnsonThe Oscar season has been and gone. The...

Read news article

Law Firms and why they need cyber security

06 Mar 2017

Suffering a data breach can be devastating for any company but for law firms the impacts can be part...

Read news article
Back to the News Hub

Follow us

+44 (0)207 887 2699
©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP