NIS2 Directive: Finalising the text of the provisional agreement on a technical level - one step closer to an adoption
Written By
Partner
Germany
I'm a technology, copyright, AI, cyber security and data protection lawyer. My ambition is to provide the best and most suitable advice to clients and, in particular, to guide them through their technology transactions, IT and data in a pragmatic, solution-driven and innovative manner.
Of Counsel
Netherlands
I am a Principal Regulatory Counsel in our Regulatory & Public Affairs practice in the Netherlands and Brussels. I have a focus on tech and comms and digital markets regulation, drawing on in-depth business knowledge and extensive experience in TMT and public administration.
Related
Practices
Sectors
Following the co-legislators’ provisional agreement on the NIS2 Directive in mid-May 2022, the text has now been finalised on a technical level. This means that lawyers’ linguists have worked on further details and consistency of the text. The new act will repeal the current NIS Directive, amending the rules on the security of network and information systems.
The rules will be of relevance both for the entities directly falling under the new Directive (in conjunction with its future local implementation) as well as, though itself not in scope, dealing with the organisations covered by the NIS2 Directive.
Once formally approved by the co-legislators and published in the Official Journal, the NIS2 Directive will enter into force 20 days after publication. Member States will then have 21 months to transpose the Directive into national law. In Germany, for example, following the IT Security Act 2.0, the legislator will have to deal with an IT Security Act 3.0.
Our article provides an update of the newsletter on the NIS2 Directive as of June 2022 concerning the EU co-legislators’ provisional agreement and describes the key takeaways of the current draft of the Directive.
