The revised EU directive on the security of network and information systems (NIS2) will repeal and replace the existing NIS Directive.
The NIS Directive, adopted in 2016, was the first EU-wide cybersecurity law.
The principal objective of the NIS2 Directive is to increase the level of cyber resilience across the EU. It does so by requiring all entities in the EU, which provide critical services to the economy and society as a whole, to take appropriate cybersecurity measures.
Importantly, the NIS2 also addresses the shortcomings of the current NIS framework, as well as responds to changes in the cybersecurity threat landscape.
The NIS2 Directive covers a broad range of key sectors such as telecoms, managed information technology services, data centres, and social media platforms.
The revised directive classifies the entities covered into those which are considered essential and those which are important. As a rule, all medium and large size entities will have to comply with the NIS2 security risk management and reporting rules. However, the directive will adjust the classification as being either essential or important depending on the size of the entity.
Cullen International is releasing a series of reports on the different aspects of the newly revised NIS2 directive. The first of five reports covers the objectives and scope of the revised directive and explains the applicable rules to classify entities as either essential or important.
For more information and to access our NIS2 report series, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.
more news
22 September 23
Battery passports become mandatory from 2027 for EV and industrial batteries
The Batteries Regulation entered into force on 17 August 2023, replacing the previous Batteries Directive (2006/66/EC). The requirements of the regulation will be phased in over time from 18 February 2024. Our Tracker provides a handy overview on this regulation.
20 September 23
New Global Trends research on tower companies
Tower companies (TowerCos) build and operate towers which are used as passive infrastructure to host active elements of one or more telecommunications networks. Cullen International’s latest research provides an overview of the TowerCo ecosystem across 12 jurisdictions around the world.
18 September 23
Are governments around the world in control of online content moderation?
Freeing the internet from content that is widely perceived as unwanted has become a priority worldwide. This Global Trends report discusses how a more supervised online environment has evolved across borders through the implementation of online content moderation (OCM) regimes.
latest tweets
follow usStay in touch
Subscribe to our newsletter for a free weekly summary of the latest regulatory news and analysis from the communications world.