<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
		<title>cyber law on ExcellentWiki - Legal Encyclopedia</title>
		<link>https://legal.excellentwiki.com/eu/cyber-law/</link>
		<description>Recent content in cyber law on ExcellentWiki - Legal Encyclopedia</description>
		<generator>Hugo</generator>
		<language>en-US</language>
		
		
		
		
			<lastBuildDate>Mon, 06 Jul 2026 00:00:00 +0000</lastBuildDate>
		
			<atom:link href="https://legal.excellentwiki.com/eu/cyber-law/index.xml" rel="self" type="application/rss+xml" />
			<item>
				<title>EU Cyber Law</title>
				<link>https://legal.excellentwiki.com/eu/cyber-law/eu-cyber-law/</link>
				<pubDate>Mon, 06 Jul 2026 00:00:00 +0000</pubDate>
				<guid>https://legal.excellentwiki.com/eu/cyber-law/eu-cyber-law/</guid>
				<description>&lt;h2 id=&#34;the-nis-2-directive&#34;&gt;The NIS 2 Directive&lt;/h2&gt;&#xA;&lt;p&gt;Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022, commonly known as NIS 2, constitutes the principal legislative instrument addressing cybersecurity across the European Union. Repealing and replacing the original NIS Directive (Directive (EU) 2016/1148), NIS 2 substantially expands the scope of European cybersecurity regulation from approximately 10,000 entities under the original NIS Directive to an estimated 160,000 entities across eighteen sectors. The Directive distinguishes between &lt;strong&gt;essential entities&lt;/strong&gt; (energy, transport, banking, financial market infrastructure, health, drinking water, wastewater, digital infrastructure, ICT service management, public administration, and space) and &lt;strong&gt;important entities&lt;/strong&gt; (postal and courier services, waste management, chemicals, food, manufacturing, digital providers, and research), subjecting essential entities to a more stringent regulatory regime including ex ante supervision and higher penalty exposure. NIS 2 establishes a comprehensive set of cybersecurity risk management measures that covered entities must implement, focusing on the &lt;strong&gt;security of network and information systems&lt;/strong&gt; and addressing policies on risk analysis, incident handling, business continuity, supply chain security, vulnerability disclosure, and the use of cryptography. Member States must ensure that essential entities face maximum administrative fines of at least €10 million or two per cent of annual worldwide turnover, and important entities at least €7 million or 1.4 per cent of annual worldwide turnover. The Directive requires Member States to designate national competent authorities, single points of contact, and Computer Security Incident Response Teams, and establishes the European Cyber Crises Liaison Organisation Network (EU-CyCLONe) for coordinated response to large-scale cybersecurity incidents.&lt;/p&gt;</description>
			</item>
	</channel>
</rss>
