This so-called “Cyber Shield” is meant to spot attacks more quickly and help European organizations react and share intelligence across sectors. The Commission and its diplomatic service also released a new Cybersecurity Strategy, which lays out new mechanisms for industry players, and public and security authorities to exchange threat intelligence and incident response information. It is naive to invest billions into our essential businesses and infrastructure and then fail to protect those investments from attack," said Dita Charanzová, the European Parliament's vice president, who is charge of cybersecurity. National authorities "must be strengthened and given the proper funding and staffing in order to carry out their vital tasks. The previous version of the EU's NIS Directive took three years to negotiate. The proposals are likely to trigger fierce lobbying over enforcement powers as well as pushback from capitals that fear it could erode their competence over security issues. The two new directives need approval by national governments in the Council of the EU and by the European Parliament.
"What's important is that the directive has teeth," Schinas said.Įssential companies will also face new security requirements to protect their physical infrastructure under a revamp of the EU's critical infrastructure law, the Critical Entities Resilience Directive. Authorities would also be able to temporarily halt a non-compliant firm's activities and even force a CEO to temporarily step down from his or her duties. Countries are asked to set potential fines of up to 2 percent or €10 million, but they can be higher too.
#December 7 critical ops hack upgrade
The upgrade will also grant national authorities more power to enforce the law.
The first, an upgrade of the bloc's Network and Information Security Directive (NIS Directive, now NIS2) will impose new requirements on "essential" and "important" service providers in critical sectors, including reporting cyberattacks, implementing security policies, scrutinizing the security of suppliers and the use of encryption technology. Cloud providers, vaccine makers and videoconferencing services like Zoom have also been added to the scope of the law. Two new proposed laws aim to strengthen cybersecurity for companies providing critical infrastructure and crucial sectors including energy, transport, financial services, cloud, telecoms, aerospace, health care, manufacturing and central government IT services. "All this points to something that is pretty evident: That Europe is a prime target," Schinas told reporters.
0 kommentar(er)
