INFORMATION TECHNOLOGY
EU Commission: NIS 2, adopted the first implementing rules of the Network Security Directive.
The EU Commission has adopted the first implementing rules on the cybersecurity of critical entities and networks under the Directive on measures for a high common level of cybersecurity across the Union (NIS2 Directive).
The implementing regulation specifies cybersecurity risk management measures, as well as when an incident should be considered significant, to whom companies providing digital services must report it and in what timeframe. The implementing regulation will apply to specific categories of companies providing digital services, such as cloud computing service providers, data center service providers, online marketplaces, online search engines and social networking platforms. For each category of service providers, it is specified when an incident is considered significant, to whom it must be reported and in what time frame.
The implementing regulation specifies cybersecurity risk management measures, as well as when an incident should be considered significant, to whom companies providing digital services must report it and in what timeframe. The implementing regulation will apply to specific categories of companies providing digital services, such as cloud computing service providers, data center service providers, online marketplaces, online search engines and social networking platforms. For each category of service providers, it is specified when an incident is considered significant, to whom it must be reported and in what time frame.
