On July 6, 2016, the European Union adopted the Directive on Security of Network and Information Systems.
The directive reflects the European Union’s rules regarding cybersecurity and includes provisions in three principal areas: (a) improving the ability to secure information at a national level; (b) increasing cooperation in the area of information security between states in the European Union; and (c) the obligation incumbent upon companies in critical sectors as well as online market places, cloud computing services and search engines to adopt risk management practices, report of security breaches and to comply with general rules of the information security.
The directive will come into force in August 2016, and EU states will be required to incorporate it into their laws by May 2018.
