European Commission proposal for a Directive on network and information security (NIS)

The European Commission has yesterday published a proposal on a Directive for Network and Information Security (NIS) in Europe. This proposal requires Member States to set up Computer Emergency Response Teams (CERTs), and to adopt national NIS strategies and national NIS cooperation plans.

The directive requires operators of critical infrastructure (such as energy, transport, banking, stock exchange, healthcare), key Internet enablers (e-commerce platforms, social networks, etc) and public administrations to assess the risks they face and to adopt appropriate and proportionate measures to ensure NIS. These entities will also be required to report to competent authorities incidents with a significant impact on core services provided.

More information on the background of the proposal can be found here on the EC-website.