• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

European Council Adopts the Network and Information Security Directive

May 19, 2016 By Privacy, Cyber & Data Strategy Team

On May 17, 2016, the European Council formally adopted its position at first reading of the Network and Information Security Directive (“NIS Directive”). The objective of the NIS Directive is to increase cooperation between EU Member States on issues of network and information security. Companies subject to the NIS Directive are required to adopt “appropriate and proportionate technical and organisational measures.” Specifically, the NIS Directive sets forth new cybersecurity obligations for providers of essential services (including entities within the energy, transport, banking, health, and drinking water supply and distribution sectors), and digital service providers (providers offering online marketplaces, online search engines, and cloud computing services). For a deeper analysis of the NIS Directive, please see “Even More EU Data Regulation: The Network Information Security Directive” written by Jim Harvey and available here.

The proposed NIS Directive would also require each EU Member State to designate one or more national authorities on the security of network and information systems, and establish a strategy for dealing with cyber threats.

Discussions and negotiations regarding the NIS Directive have been occurring for quite some time now as an informal political agreement was reached last December, followed by a European Parliament committee vote in favor of the NIS Directive in January. The European Council confirmed the political agreement in February and adopted its position at first reading on May 17th. The European Council will transmit its position to the European Parliament on May 25th. The European Parliament is expected to vote on the NIS Directive during its July 4th to July 7th session, with the NIS Directive going into force in August 2016. EU member states will have 21 months from the NIS Directive’s entry into force to adopt the necessary national provisions.

 

Filed Under: Uncategorized Tagged With: cybersecurity, EU Data Protection, EU Regulation, European Union (EU), Information Security

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • The California Privacy Protection Agency Solicits Public Input on Forthcoming Privacy Regulations
  • U.S. Department of Commerce Announces the Establishment of a Global CBPR Forum
  • Colorado Issues Pre-Rulemaking Considerations for the Colorado Privacy Act
  • Recent Updates in Two Closely-Watched Cybersecurity and Privacy-Related Securities Fraud Class Actions
  • EU and U.S. Reach Agreement In Principle on a Replacement for the EU-U.S. Privacy Shield
Copyright © 2022 · Alston & Bird · All Rights Reserved. Privacy.