eu cyber security rules

The European Council has adopted new rules for cyber-security. It aims to make networks and information services across the EU more secure and safer.

The NIS (Network and Information Security) demands providers to put in measures that will minimise the risk of cyber attacks. They are also required to report any major security incidents. The providers are required to cover essential services such as transport, health, finance, energy and other digital providers like online markets, cloud services and search engines.

Member states will decide what areas include ‘essential services’ through the criteria in the NIS directive and they will be under stricter rules.

Digital service providers will have weaker rules and the rules to anyone in selected market sectors but smaller companies will have an exemption. This means large companies will need to meet a new set of minimum security requirements decided by the European Union.

“This is an important step towards a more coordinated approach in cyber-security across Europe,” said Council president and Luxembourg prime minister Xavier Bettel.
“All actors, public and private, will have to step up their efforts, in particular by increased cooperation between member states and enhanced security requirements.”

Member states have recognized that they need to improve cooperation in terms of cyber-security. The national computer security incident response teams (CSIRTs) will have a new network joining the states together and a new group will be formed to enable it.

There still needs to be a formal agreement and it should be officially agreed on December 18. Council and Parliament will be required to make a formal adoption. Once in place EU states will have 21 months to adopt the new regulations with an extra 6 months to decide their essential service operators. Starting from 2017, the Europe’s cyber security will be improved, with all rules to be in place by mid-2019.

If you need more information about how this may affect you as a data centre customer, please contact us and we will be glad to advise.