The revised EU directive on the security of network and information systems (NIS2) establishes new responsibilities for the EU cybersecurity agency (ENISA), thus enhancing its role.
ENISA will prepare every other year a report on the state of cybersecurity across the EU. The report aims to provide policy recommendations to address shortcomings and to increase the level of cybersecurity in the EU.
Under the NIS2, member states will have to adopt a national plan for the management of large-scale cybersecurity incidents and crises, including identifying a responsible competent authority (or more than one). The plan will have to outline the objectives and procedures that will be deployed to manage cybersecurity incidents and crises that have a broader effect on the EU.
The NIS2 introduces a peer review mechanism to enhance member states’ cybersecurity capabilities and policies. Experts participating in peer reviews will have to draft reports on the findings of the reviews, including recommendations on how to improve the security aspects covered by the reviews.
The NIS2 formally establishes the EU-Cyber Crises Liaison Organisation Network (EU-CyCLONe). The EU-CyCLONe will act as an intermediary between the technical and political level during EU-wide cybersecurity incidents.
Cullen International is releasing a series of reports on the different aspects of the newly revised directive on the security of network and information systems (NIS2). Our final of five reports outlines the main requirements at EU level and for EU member states that are set out in NIS2.
Part 1: Scope
Part 2: Common security risk management and reporting requirements
Part 3: Specific obligations for the telecoms, ICT supply chain and digital sectors
Part 4: Supervision and jurisdiction
For more information and to access our NIS2 report series, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.
06 February 23
Global trends to watch in 2023
A challenging 2023 seems inevitable, with multiple policy and regulatory issues expected to significantly impact telecoms operators, digital service providers and media companies. Cullen International research identified global issues affecting digital policy, regulation and law worth monitoring in 2023.
01 February 23
American countries work towards the adoption of 5G
The January 2023 update of Cullen International’s Americas spectrum regulatory benchmarks includes details of how eleven countries in the Americas are preparing for the implementation of 5G services. The research covers general spectrum policy, the specific regulation of spectrum bands and licences, spectrum awards and fees, and rules to promote the efficient use of spectrum.
20 January 23
EU Timeline: regulatory milestones for the first half of 2023
This edition of Cullen International’s EU Timeline highlights key regulatory developments foreseen at EU level until mid-2023.