Industry Committee adopts report on the NIS2 Directive
The Commission initiative on the European Cyber Resilience Act adds to an existing proposal for a Directive on Security of Network and Information Systems, commonly known as the NIS2 Directive. According to the legislative text adopted on 28 October 2021 by the lead European Parliament Committee on Industry, Research and Energy, EU Member States would have to meet stricter supervisory and enforcement measures and harmonise their sanctions regimes.
To recall, the NIS2 Directive will repeal the current NIS Directive, reforming the rules on the security of network and information systems and increasing the level of cyber resilience required of critical public and private sectors. Compared to the existing legislation, the new directive would obligate more entities and sectors to take measures. It also aims to reduce inconsistencies across the internal market by aligning scope, security and incident reporting requirements, national supervision, enforcement, as well as the capabilities of competent authorities.
The Report by rapporteur Bart Groothuis (The Netherlands, Renew Europe) on measures for a high common level of cybersecurity across the Union was adopted with 70 votes to 3, with 1 abstention. MEPs also voted to open negotiations with Council.
Next steps
The negotiating mandate on NIS2 is due to be announced during the European Parliament’s next plenary session on 10 November.
For further information contact Natallia Karniyevich
Sign up for our Connected newsletter for a monthly round-up from our Regulatory & Public Affairs team.
