JUL 06, 2016 | EUROPEAN UNION
BSA applauds European Parliament's adoption of first ever EU cybersecurity legislation
BRUSSELS — July 6, 2016 — The European Parliament adopted today the first ever EU legislation on cybersecurity, the Network and Information Security (NIS) Directive, marking the final step in the legislative process. The move brings the EU one step closer to completing the Digital Single Market by providing a common framework to bolster the continent’s cyber resilience.
“We welcome the adoption of the Directive and congratulate the co-legislators for producing a balanced and robust text to foster trust and security in the digital world. We are convinced that the Directive will help digital service providers provide better security to their customers and we commend the EU co-legislators for their efforts on this vital piece of legislation” said Thomas Boué, Director General, Policy – EMEA.
Cybersecurity is important to BSA and its Members. In its recent EU Cybersecurity Dashboard, BSA has laid bare the legal patchwork and the considerable discrepancies that exist between EU Member States. The NIS Directive thus becomes a stepping stone towards a more uniform level of protection against cyber threats across the EU.
“We now look forward to a smooth implementation process, and we trust that EU decision-makers will quickly focus their efforts on securing the networks that manage today’s essential services and operations, such as the critical infrastructure that provides our power, water, and transportation grids. Protecting against the economic and societal risks of a cyber-attack on such networks should be their top priority,” commented Boué.
The NIS Directive, proposed by the Commission in 2013, aims at ensuring a high common level of cybersecurity in the EU, by improving Member States' national cybersecurity capabilities and fostering cooperation between Member States, and between public and private sectors. The NIS Directive requires companies in critical sectors – such as energy, transport, banking and health – as well as key digital service providers to adopt risk management practices and report major incidents to the national authorities.