Europe's New Cyber Security Directive
March 2016Financier Worldwide
In December 2015, after two years of negotiations, the European Parliament, the Council and the Commission agreed on the first cyber security directive for the European Union. The directive seeks to ensure a common level of network and information security (NIS) throughout the EU Member States given the varying and fragmented approaches to NIS that currently exist across the Union. The directive sets out EU-wide cyber security obligations for operators of essential services and digital service providers (DSPs), but the two categories will be subject to different regimes. For many such organisations, the directive constitutes the first breach reporting requirement in Europe.