ey future of cybersecurity

EY Report: The future of cybersecurity in Europe. Challenges related to the NIS2 Directive.

Related topics

It is our great pleasure to present the EY Report: The future of cybersecurity in Europe. Challenges related to the NIS2 Directive.

The NIS2 Directive will be one of the key pieces of cybersecurity legislation and, as such, it will impose new obligations on companies and individuals operating in certain critical sectors. Together, let us start a discussion on a wise and harmonized approach to the implementation of the NIS2 Directive in the individual Member States.

On 28 November 2022, the Council of the European Union adopted a new cybersecurity EU Directive 2022/2555 (NIS2 Directive). It is intended to replace and repeal the current EU Directive 2016/1148 on measures for a high common level of security of network and information systems across the European Union (NIS Directive).

Why does the European Union introduce NIS2 Directive? 

The NIS Directive was intended to regulate cybersecurity in the European Union in a comprehensive manner. However, the lack of consistent implementation of the NIS Directive in individual EU countries has led that this objective has not been achieved. Therefore, the European Union has decided to adopt the NIS2 Directive in response to increasing cyber threats related to digitization. The aim of new Directive is to achieve even higher levels of cybersecurity than in the NIS Directive. It is also designed to promote greater harmonization of cybersecurity rules across EU Member States.

The NIS2 Directive, like the NIS Directive, requires Member States to establish a national cybersecurity strategy, to designate competent national authorities or to respond to computer security incidents. However, compared with the first Directive, it introduces more stringent security and reporting requirements for entrepreneurs, as well as stricter supervision measures applied by national authorities.

EY Poland Digital Law Team and EY Poland Cybersecurity Team have prepared a report which discusses the impact and challenges related to the implementation of the NIS2 Directive for different business entities and for EU Member States, as well as the changes introduced in relation to the previous NIS Directive.

The EY Report emphasizes the need to harmonize regulations for cybersecurity in two dimensions – at EU level and in individual Member States. The differences in the regulatory approach to cybersecurity can have a direct impact not only on the cybersecurity, but also on the development of digitalization in different countries and on the competitiveness of national companies on the global markets.


The NIS2 Directive – How it will impact the future of cybersecurity in Europe?
 

As the implementation of the NIS Directive was difficult for both
businesses and public entities, we decided to analyze the NIS2 Directive
and identify the potential challenges associated with the new
regulations. The aim is to present a broad picture of the NIS2 Directive
and how it will influence both the regulatory developments and the
challenges that businesses face today and in the future.


Are you ready for new requirements of NIS2 Directive?

EY's report will help the entities that are covered by the NIS2 Directive to better understand the upcoming obligations and will initiate a discussion on a wise and harmonized approach to the implementation of the NIS2 Directive in Member States.

The report focuses on the categories of entities that may be most affected by the NIS2 Directive due to the economic burdens associated with fulfilling the new obligations (e.g., SMEs). The presentation of specific problems related to the NIS2 Directive will allow for a rational view at the challenges and will help to develop actions that should be taken for the optimal implementation of the NIS2 Directive.

Download EY Report:

"The future of cybersecurity in Europe. Challenges related to the NIS2 Directive"

The future of cybersecurity in Europe. Challenges related to the NIS2 Directive


Contact



About this article