As the threat posed by cybercrime, online industrial surveillance and attacks on critical infrastructure is growing, the introduction of specific laws in this area across the EU will have a significant impact.
In early December 2015, the agreed text of the Network and Information Security Directive (the “NIS Directive”) was released. The NIS Directive provides legal measures to boost the overall level of cybersecurity in the EU and is due to become law in August 2016 with EU member states to be given 21 months to ratify it.
The NIS Directive will have many benefits including:
- The EU economy will gain more reliable services and a culture of incident reporting – creating more equal and stable conditions for anyone trying to compete in the Digital Single Market;
- Improved cooperation between Member States on cybersecurity; and
- It will ensure a high level of risk management practices in key sectors (such as energy, transport, banking and health).
Once adopted and implemented, the NIS Directive will benefit citizens, as well as government and businesses who will be able to rely on more secure digital networks and infrastructure in order to provide their essential services at home and across borders.
It is not clear yet how Brexit may possibly impact upon implementation of these measures in the UK. While Ireland will continue to conform to EU standards post-Brexit, the UK may not.