Is Europe cyber secure? Newsletter
This week’s key events presented by Euronews’ senior tech and industry reporter Cynthia Kroet
Key diary dates
-
Monday 14 October: Agriculture Committee MEPs will hear from Peter Strohschneider, Chair, and participants of the Strategic Dialogue about their recommendations for the future of EU agriculture.
-
Monday 14 October: Environment Council to adopt EU conclusions for upcoming summits COP16 (Biodiversity, Cali, Colombia 21 October to 1 November), and COP29 (Climate, Baku, Azerbaijan, 11 to 22 November 2024). Both will serve as the EU’s negotiating mandate at the UN summits.
-
Thursday – Friday 17/18 October: European Council summit to debate Ukraine, Middle East, Draghi and Letta reports, and migration.
In spotlight
In a bid to counter severe and disruptive cyber incidents, member states have until this Wednesday to update their national rulebooks to align with EU cybersecurity rules for critical entities, dubbed the Network and Information Security Directive 2 (NIS2).
However, Euronews reported last week that the European Commission only received confirmations from Belgium and Croatia about their transposition of NIS2 so far.
All eyes will be on the remaining 25 countries to implement the rules, which were approved back in 2022 with the aim to protect critical entities, such as energy, transport, banking, water and digital infrastructures, against major cyber incidents.
It will repeal NIS1 which – according to the Commission – failed to improve cyber resilience of businesses operating in the EU, and did not promote joint crisis response.
Some countries, including Germany, the Netherlands, Sweden and Czechia have draft laws pending, while others like Ireland, Greece and Spain are further behind in the process.
Some governments, including the French, warned about the lack of awareness among companies that now fall within the rules, as well as the increased scope: going from 500 entities concerned under NIS1, to 15,000 possibly affected under NIS2.
NIS2 introduces a new timeline for reporting incidents – a warning within 24 hours and deliver an incident report within 72 hours – whenever a company faces serious operational disruptions.
The rules also come with penalties for non-compliance: fines of up to €10 million or 2% of global annual revenue. In addition, senior management can be held personally liable for security breaches caused by negligence, which means that responsibility for cybersecurity policy will go beyond IT departments.
Policy newsmakers
Fireworks in Strasbourg
Viktor Orbán and Ursula von der Leyen clashed head-on during a fiery debate at the European Parliament on Wednesday that saw both leaders outline opposing visions for Europe’s future and lay bare their strong dislike for each other. Russia’s war on Ukraine, how best to tackle Europe’s loss of competitiveness issue and the rise in irregular migration were among the many areas of contention between the two. Differences will be on display again this week when the pair meet at the EU Council, where migration and competitiveness are once again up for discussion.
Policy Poll
Data brief
World News || Latest News || U.S. News
Source link