The EU has introduced NIS2, an updated Network and Information Security Directive, with enhanced security rules and reporting requirements for a broader range of organisations. The directive responds to the global rise in ransomware attacks and the complexity of the cybersecurity landscape. EU member states must implement the law by 17th October 2024, including establishing computer security incident response teams. Organisations must also institute policies for risk analysis, information system security and cybersecurity risk management. Penalties for non-compliance could reach €10 million or 2% of global annual revenue for essential entities.
Commission wants health-dedicated centre in EU cybersecurity agency
The EU Commission has proposed an action plan to protect the healthcare sector from cyber threats, including setting up a cybersecurity centre within the EU’s