EU member states have agreed upon legislation that will focus on tightening cybersecurity obligations across the region.
MEPs agreed on the enforcement measures last Thursday in a bid to provide stricter supervision over a multitude of areas.
Risk Management, reporting obligations and information sharing were all of considerable concern of the EU Council back in May, as the new cybersecurity rules also cover incident response, supply chain security, encryption and vulnerability disclosure, among other areas.
“Essential sectors”, including banking, and digital infrastructure, will be covered by the new measures. The new security provisions will also protect “important sectors” such as electronic and digital providers, as the EU bolsters its digital protection infrastructure.
“This is the best cyber security legislation this continent has yet seen, because it will transform Europe to handling cyber incidents pro-actively and service orientated,” said Dutch VVD party MEP, Bart Groothuis.
“Ransomware and other cyber threats have preyed on Europe for far too long. We need to act to make our businesses, governments and society more resilient to hostile cyber operations.”
During negotiations, MEP’s called on the need for “clear and precise” rules for companies pertaining to cybersecurity. Members also insisted on the need for government involvement to provide a wider scope of the directive.
The broad inclusion of government figureheads also establishes a framework for better cooperation and information sharing between different authorities and member states, creating a European vulnerability database.
Groothuis added: “This European directive is going to help around 160,000 entities tighten their grip on security and make Europe a safe place to live and work.
“It will also enable information sharing with the private sector and partners around the world. If we are being attacked on an industrial scale, we need to respond on an industrial scale.”
Votes in favour of the new cybersecurity measures was a one-sided 577 votes to 6, with 31 absentees. The Council has earmarked to adopt the measures before it will be published in the EU’s Official Journal.
