EU reaches milestone agreement on cybersecurity rules

Council of Europe and European Union agree first regulations on cybersecurity for 28-nation bloc

Organisations operating "essential systems" in the EU will soon have to abide by a new set of cybersecurity rules that were agreed yesterday by the European Union and Council of Europe.

The guidelines mandate that critical systems must be robust enough to withstand cyber attacks, and will apply to all organisations operating within the transport, utilities, banking and finance industries.

Cloud service providers and online marketplaces will also be affected, as well as search engines like Google.

German MEP Andreas Schwab described the agreement between the two supranational bodies as "a milestone" in ending the fragmented approach to cybersecurity in critical sectors currently in place across the 28-nation bloc.

"Parliament has pushed hard for a harmonised identification of critical operators in energy, transport, health or banking fields, which will have to fulfil security measures and notify significant cyber incidents," he said. "Member states will have to cooperate more on cybersecurity - which is even more important in light of the current security situation in Europe."

Schwab added: "This directive marks the beginning of platform regulation. Whilst the Commission's consultation on online platforms is still ongoing, the new rules already foresee concrete definitions - a request that Parliament had made since the beginning in order to give its consent to the inclusion of digital services," he said.

The rules, which are separate from the General Data Protection Regulation currently making its way through the European Parliament, have been welcomed by the security industry.

Piers Wilson, head of product management at Huntsman Security, said: "The EU cybersecurity rules present a real opportunity to move computer security and data protection laws on from the 1990s."

He added, though, that the rules "must ensure that a 'robust' infrastructure is one that can really protect against 21st century threats", meaning not just prevention but also rapid detection and resolution.

Featured Resources

Edge-enabled mobility of the future

Turning vehicle data into value

Download now

Modern networking for the borderless enterprise

Five ways top organisations are optimising networking at the edge

Download now

Address multi-cloud configuration risks

Cloud security challenges and how to overcome them

Watch now

The total economic impact of IBM Security Verify

Cost savings and business benefits enabled by IBM Security Verify

Download now

Recommended

How to enable private browsing on any device
privacy

How to enable private browsing on any device

8 Mar 2021
IT security awareness and training firm KnowBe4 acquires MediaPRO
Acquisition

IT security awareness and training firm KnowBe4 acquires MediaPRO

3 Mar 2021
High-risk email security threats increased by 32% last year
phishing

High-risk email security threats increased by 32% last year

3 Mar 2021
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

3 Mar 2021

Most Popular

UK gov flip-flops on remote work, wants it a standard for all jobs
flexible working

UK gov flip-flops on remote work, wants it a standard for all jobs

5 Mar 2021
Star Alliance passenger data stolen in SITA data breach
data breaches

Star Alliance passenger data stolen in SITA data breach

5 Mar 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021