Organisations operating "essential systems" in the EU will soon have to abide by a new set of cybersecurity rules that were agreed yesterday by the European Union and Council of Europe.
The guidelines mandate that critical systems must be robust enough to withstand cyber attacks, and will apply to all organisations operating within the transport, utilities, banking and finance industries.
Cloud service providers and online marketplaces will also be affected, as well as search engines like Google.
German MEP Andreas Schwab described the agreement between the two supranational bodies as "a milestone" in ending the fragmented approach to cybersecurity in critical sectors currently in place across the 28-nation bloc.
"Parliament has pushed hard for a harmonised identification of critical operators in energy, transport, health or banking fields, which will have to fulfil security measures and notify significant cyber incidents," he said. "Member states will have to cooperate more on cybersecurity - which is even more important in light of the current security situation in Europe."
Schwab added: "This directive marks the beginning of platform regulation. Whilst the Commission's consultation on online platforms is still ongoing, the new rules already foresee concrete definitions - a request that Parliament had made since the beginning in order to give its consent to the inclusion of digital services," he said.
The rules, which are separate from the General Data Protection Regulation currently making its way through the European Parliament, have been welcomed by the security industry.
Piers Wilson, head of product management at Huntsman Security, said: "The EU cybersecurity rules present a real opportunity to move computer security and data protection laws on from the 1990s."
He added, though, that the rules "must ensure that a 'robust' infrastructure is one that can really protect against 21st century threats", meaning not just prevention but also rapid detection and resolution.
-
Anthropic CEO Dario Amodei claimed AI would be writing 90% of code by this point – we're still a long way offNews In March, Anthropic CEO Dario Amodei claimed up to 90% of code would be written by AI within six months – his prediction hasn't quite come to fruition.
-
Veracode bolsters leadership team for next growth chapterNews The application security vendor has named Anthony Barkley as chief strategy officer and Diana Bushard as general counsel
-
Three things you need to know about the EU Data Act ahead of this week's big compliance deadlineNews A host of key provisions in the EU Data Act will come into effect on 12 September, and there’s a lot for businesses to unpack.
-
The second enforcement deadline for the EU AI Act is approaching – here’s what businesses need to know about the General-Purpose AI Code of Practice
News General-purpose AI model providers will face heightened scrutiny
-
Meta isn’t playing ball with the EU on the AI ActNews Europe is 'heading down the wrong path on AI', according to Meta, with the company accusing the EU of overreach
-
‘Confusing for developers and bad for users’: Apple launches appeal over ‘unprecedented’ EU fineNews Apple is pushing back against new app store rules imposed by the European Commission, suggesting a €500m fine is a step too far.
-
Apple, Meta hit back at EU after landmark DMA finesNews The European Commission has issued its first penalties under the EU Digital Markets Act (DMA), fining Apple €500 million and Meta €200m.
-
‘Europe could do it, but it's chosen not to do it’: Eric Schmidt thinks EU regulation will stifle AI innovation – but Britain has a huge opportunityNews Former Google CEO Eric Schmidt believes EU AI regulation is hampering innovation in the region and placing enterprises at a disadvantage.
-
The EU just shelved its AI liability directive
News The European Commission has scrapped plans to introduce the AI Liability Directive aimed at protecting consumers from harmful AI systems.
-
A big enforcement deadline for the EU AI Act just passed – here's what you need to know
News The first set of compliance deadlines for the EU AI Act passed on the 2nd of February, and enterprises are urged to ramp up preparations for future deadlines.
