MEP’s and representatives from the Council of Ministers last night reached a political agreement on the draft Network and Information Security (NIS) Directive, aimed at enhancing European cyber security regulations. The deal will see EU countries working together much more closely to boost the Union’s cyber security capabilities. The Alliance of Liberals and Democrats in the European Parliament welcomed the deal today, in particular the fact that small business were excluded scope of the directive, but expressed regret at the inclusion of internet enablers in the scope of the Directive.
Commenting last night, Antonas Guoga MEP, ALDE shadow rapporteur for this legislation said:
“The political agreement reached today on the NIS Directive is in my view very far from perfect, but it’s an important step that has to be taken to help sectors depending on IT systems to be more secure and stable. This legislation will deliver more consistent risk management measures and systematic reporting of incidents. I am delighted we managed to convince Member States to accept mandatory cooperation mechanisms on cyber-security; improved cooperation and transparency is needed at a European level to improve the ability of the Member States to avoid and respond to cyber incidents”
“Liberals and Democrats defended the need for a harmonised approach, so businesses providing services across the whole EU will be able to apply one set of rules, instead of 28 different approaches. I hope this will create much more manageable situations and opportunities for long term investors, while increasing Europe’s cybersecurity capabilities. I am delighted we also managed to secure an exclusion for our small digital companies; this is crucial for the development of the single market and European competitiveness globally. ”
The NIS legislation is intended to:
• Improve Member States’ national cybersecurity capabilities.
• Improve cooperation between Member States, and between public and private sectors.
• Require companies in critical sectors – such as energy, transport, banking and health – as well as key Internet services to adopt risk management practices and report major incidents to national authorities.