Your search keyword '"EU legislative framework"' showing total 2 results

1. Protection of the EU's Critical Infrastructures: Results and Challenges.

Author

Mikac, Robert

Subjects

INTERNET security, COMPUTER networks, INFORMATION storage & retrieval systems, PERSONAL computers

Abstract

At the end of 2022 and the beginning of 2023, the EU adopted several new legislative acts aimed at improving the resilience and protection of network and information systems and critical entities across the Union. The objective of this research is to list these acts, show their mutual connections and focus specifically on analysing the potential weaknesses of two legislative acts, namely: the NIS2 Directive and the CER Directive. The NIS2 Directive is a significant piece of legislation that aims to improve the cybersecurity of the European Union, while the CER Directive is a crucial piece of legislation that aims to improve the physical security of critical entities in the Union. These two documents are applied in parallel and contain many mutual references, which means that weaknesses in one document may have significant consequences for the implementation of the other. Using standard desktop analysis of primary and secondary sources, this paper reviews results and challenges in the protection of the EU's critical infrastructures by primarily focusing on these two documents. The research identifies and explains certain weaknesses, concluding with suggestions for possible solutions. [ABSTRACT FROM AUTHOR]

Published

2023

2. Towards an Efficient and Coherent Regulatory Framework on Cybersecurity in the EU: The Proposals for a NIS 2.0 Directive and a Cyber Resilience Act.

Author

Schmitz-Berndt, Sandra and Cole, Mark D.

Subjects

INTERNET security, INFORMATION technology laws, LAW reviews

Abstract

Cybersecurity regulation in the EU has long been implemented in a piecemeal fashion resulting in a fragmented regulatory landscape. Recent developments triggered the EU to review its approach which has not resulted in the envisaged high level of cyber resilience across the Union. The paper addresses the EU's limited mandate to regulate cybersecurity and outlines how the internal market rationale serves as a basis to harmonise cybersecurity legislation in the EU Member States. In that regard, the recent Proposal for a NIS 2.0 Directive (adopted by the European Parliament in November 2022) and the Proposal for a Cyber Resilience Act (published in September 2022) highlight how the EU seeks to align legislation and reduce complexity between different, often sectoral regulatory approaches to cybersecurity, while at the same time extending regulation in a view to achieve a high level of cybersecurity across the EU. As regards the latter, the paper also outlines how the Cyber Resilience Act will complement the NIS 2.0 Directive in order to close existing regulatory gaps. [ABSTRACT FROM AUTHOR]

Published

2022