On 17 May 2016, the European Council adopted the draft NIS Directive (network and information security), the first legislation in the European Union (EU) on cybersecurity which seeks to increase cooperation between member states in this area.
The Directive establishes security obligations for operators of services in critical sectors (energy, transport, health and finance) and for providers of digital services. It also determines that each Member State shall designate one or more national authorities for application and enforcement of the Directive and establish a strategy for dealing with cyber threats.
The information provided by the Council also said that the Dutch Presidency has already started preparing for the implementation of this legislation together with the European Union Agency for Network and Information Security (ENISA).
To complete the process, the Directive must be approved by the European Parliament and subsequently published in the EU Official Journal; it is expected to enter into force in August 2016.
Further information:
- Position of the Council at first reading with a view to the adoption of a Directive concerning measures for a high common level of security of network and information systems across the Union http://data.consilium.europa.eu/doc/document/ST-5581-2016-INIT/en/pdf
- EU-wide cybersecurity rules adopted by the Council http://www.consilium.europa.eu/en/press/press-releases/2016/05/17-wide-cybersecurity-rule-adopted/
Related information on ANACOM's website:
- Agreement on Directive to strengthen cybersecurity https://www.anacom.pt/render.jsp?contentId=1374920
