transposition of the NIS 2 Directive is under public consultation

transposition of the NIS 2 Directive is under public consultation

Talking about NIS 2 is talking about measures to improve cybersecurity and resilience across the European Union. NIS 2 has already been published on December 14, 2022 in the Official Journal of the European Union and is now being transposed into Portuguese law.

The proposed legislative authorization law for approval of the new Cybersecurity Legal Regime, which transposes Directive (EU) 2022/2555, of the European Parliament and of the Council, of 14 December 2024, is available for public consultation until December 7, 2024. December, better known as the NIS 2 Guideline.


What changes with the NIS 2 directive?


The Network and Information Security Directive (SRI or NIS 2) introduces new rules to promote a common high level of cybersecurity across the EU - for both companies and countries. The legislation also makes it possible to strengthen cybersecurity requirements for medium and large entities that operate and provide services in key sectors.


In practice, the new directive increases the level of harmonization regarding security requirements and the obligations of Member States to report incidents.


On one side, the essential entities and on the other, the important entities. The difference between these two types of entities is that essential entities are subject to more stringent regulatory requirements. With NIS 2, there are now 67 types of entities that have to comply with the new directive (with NIS 1 there were “only” 30).


Cybersecurity: transposition of the NIS 2 Directive is now under public consultation


Entity Classification with NIS 2


The scope of application of the directive is broad, and NIS 2 covers the following sectors:


Essential entities


    

  • energy;
    • 

  • transport;
    • 

  • banking sector;
    • 

  • financial market infrastructures;
    • 

  • health;
    • 

  • drinking water and wastewater;
    • 

  • digital infrastructures; management of ICT services (between companies);
    • 

  • public administration
    • 



Important entities


    

  • postal and courier services;
    • 

  • waste management;
    • 

  • production, manufacture and distribution of chemical products;
    • 

  • production, processing and distribution of food products;
    • 

  • manufacturing industry;
    • 

  • digital service providers
    • 

  • investigation
    • 



You can learn more about NIS 2 in this article NIS2: The European Cybersecurity Directive.


Regarding the proposal, you can consult here. Participate and send your comments through the Consulta.LeX portal.

Source: pplware.sapo.pt