The European Commission has proposed a new cybersecurity package aimed at strengthening the European Union’s resilience and capabilities in response to evolving cyber threats.
The package includes a revision of the Cybersecurity Act, designed to enhance the security of information and communication technology (ICT) supply chains across the EU. The proposal promotes secure-by-design products through a streamlined EU cybersecurity certification framework, simplifies compliance with existing cybersecurity legislation, and reinforces the role of ENISA in supporting member states and EU institutions in preventing and managing cyber incidents.
The revised Cybersecurity Act will now be examined by the European Parliament and the Council of the European Union. The accompanying NIS2 Directive amendments will also be presented for approval. Once adopted, Member States will have one year to implement the Directive into national law and communicate the relevant texts to the Commission.