The European Union’s NIS 2 cybersecurity directive, now enforceable, mandates companies to bolster their cybersecurity practices or face hefty fines. The regulation, which updates the previous National and Information Systems (NIS) directive, requires businesses to enhance risk management, transparency, and business continuity planning.
What Happened: The EU’s NIS 2 directive became enforceable on Thursday. Despite the enforcement deadline, many EU countries have not yet incorporated it into their national laws, potentially leading to inconsistent enforcement, CNBC reported on Thursday.
Portugal and Bulgaria have not started this process, as reported by the DNS Research Federation. Tim Wright from Fladgate emphasized that the regulation’s success hinges on uniform implementation across the EU.
The directive applies to essential service providers, including banks and healthcare institutions, which must report cyber breaches within 24 hours. Non-compliance can result in fines of up to 10 million euros ($10.84 million) or 2% of global revenues.
Chris Gow from Cisco noted that local adaptations of the law have created challenges, especially for smaller firms. Companies are advised to establish core security controls to ensure compliance.
See Also: End Of An Era? Apple’s 16-Year-Old Accessory Is Out Of Stock Worldwide
Why It Matters: The introduction of the NIS 2 directive comes amid a broader regulatory push by the EU to tighten controls on tech giants. Earlier this year, a coalition of 26 European industry groups called for a non-discriminatory approach to the proposed European Union Cybersecurity Certification Scheme (EUCS) for cloud services.
This scheme aims to help governments and businesses choose secure cloud service providers, with concerns raised about potential bias against major U.S. tech companies like Microsoft Corp. (NASDAQ:MSFT), Alphabet Inc. (NASDAQ:GOOG) (NASDAQ:GOOGL), and Amazon.com Inc. (NASDAQ:AMZN).
Furthermore, the EU has been actively engaging with tech giants to address compliance with digital regulations. In January, Apple Inc. (NASDAQ:AAPL), Alphabet, and Qualcomm Inc. (NASDAQ:QCOM) were in discussions with EU Antitrust Chief Margrethe Vestager about the Digital Markets Act and competition policies.
Read Next:
Disclaimer: This content was partially produced with the help of Benzinga Neuro and was reviewed and published by Benzinga editors.
Photo by Christian Lue on Unsplash