For enterprises operating in Europe, the European Commission’s December 2020 EU Cybersecurity Strategy may dictate how you go about improving cyber resilience.The 2020 EU Cybersecurity Strategy underlines the important role of cybersecurity for a growing EU economy and reinforcing user confidence in digital tools. The publication goes beyond cybersecurity policy and compliance aspects to cover three key areas: resilience and technological sovereignty; the ability to prevent, deter and respond to attacks; and increased teamwork.
Two recent documents, one which is part of the new EU Cybersecurity Strategy and one that is a proposal for a revised Directive on Security of Network and Information Systems (NIS2), will greatly influence the way groups doing business in Europe or working with European governments or entities can work.
Read on to learn what’s new, where the future of cybersecurity in the EU is headed and how businesses can prepare for these changes now.
Cyber Resilience Starts With the NIS2 Directive
One of the most noteworthy parts of this proposal is to reform the EU’s existing NIS Directive. This directive, adopted in 2016, sets a range of security benchmarks that apply to operators of essential services and digital service providers. The commission highlighted a few shortcomings in this directive:
A too-limited scope in terms of sectors covered and an ineffective oversight and enforcement regime;
Major differences in rollout that created burdens for groups running in more than one member state;
Uneven cyber resilience across member states and sectors and a lack of sharing information.
This reform is not a surpr ..