EU governments, lawmakers agree on tougher cybersecurity rules for key sectors
European Union countries and lawmakers on Friday agreed to tighten cybersecurity rules for big energy, transport and financial firms, digital providers and medical device manufacturers amid concerns about cyber attacks by state actors and other malicious players. Of.
The European Commission proposed rules on cyber security of networks and information systems two years ago called the NIS 2 Directive, expanding the scope of the current rule known as the NIS Directive.
The new rules cover all medium and large companies in essential sectors – energy, transportation, banking, financial market infrastructure, health, vaccines and medical devices, drinking water, waste water, digital infrastructure, public administration and space.
All medium and large firms in postal and courier services, waste management, chemicals, food manufacturing, medical equipment, computers and electronics, machinery equipment, automotive, and digital providers such as online market places, online search engines, and social networking service platforms also have regulations. will come within the scope of
Companies are required to assess their cyber security risk, notify authorities, and take technical and organizational measures to counter the risks, with fines of up to 2% of global turnover for non-compliance.
EU countries and the EU cyber security agency ENISA can also assess risks to critical supply chains under the rules.
“Cyber threats have become more daring and more complex. It was imperative to adapt our security infrastructure to the new realities and ensure the safety of our citizens and infrastructure,” said EU industry chief Thierry Breton in a statement.
Read all the latest news, breaking news and IPL 2022 live updates here.