Cybersecurity

Cybersecurity

The importance of implementing cybersecurity measures has been highlighted in recent years by high profile security failures involving the internet, the technology, and the services which support and make use of it. Against this backdrop, cybersecurity is of growing significance both to businesses and individuals.

On 16 December 2020, the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy presented an EU Cyber Security Strategy. This strategy covers the security of essential services in the EU (eg hospitals, energy grids and railways) but also the security of connected objects in homes, offices and factories. The strategy focuses on building collective capabilities to respond to major cyber attacks and working internationally to ensure international security and stability in cyberspace.

Key EU cybersecurity initiatives include the EU Cybersecurity Act, the Digital Operational Act (DORA), the NIS 2 Directive, the EU Critical Entities Resilience Directive (EU CER), the EU Cyber Security Regulation, the EU Cyber Resilience Act and the EU Cyber Solidarity Act.

Practice Note: EU Cybersecurity initiatives tracker tracks the key steps of legislative initiatives on cybersecurity in the EU.

Other EU legislation

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest EU Law News

European Commission initiates review of Technology Transfer rules

The European Commission has published findings from its evaluation of Commission Regulation (EU) No 316/2014 (the Technology Transfer Block Exemption Regulation or TTBER) and accompanying Guidelines. The Commission has determined that while the rules have been largely effective, improvements are needed in areas such as market share thresholds, data licensing, and technology pools. The Commission will now launch an impact assessment to explore policy options for revising the rules before their expiration in April 2026. A public consultation is planned for December 2024, allowing stakeholders to provide input on potential changes to ensure the rules remain fit for purpose in the evolving technological landscape.4o

JRC identifies 18 product categories for potential EU ecodesign regulation

The Joint Research Centre (JRC) has published a report assessing various product categories for potential regulation under the new EU Regulation 2024/1781 (the Ecodesign for Sustainable Products Regulation (ESPR)). The JRC has identified 18 product groups, including both final and intermediate products, which show significant potential for reducing environmental impacts and enhancing EU strategic autonomy if regulated under the ESPR. The findings will inform the Commission's first ESPR Working Plan, due for adoption in the first half of 2025. The report also highlights the potential of horizontal requirements on durability, recyclability, and recycled content across multiple product groups.

Questions & unsatisfactory answers—the European Commission publishes guidance on the importer requirements of the EU Methane Regulation

EU Law analysis: Alex Kerr, partner at Baker Botts LLP, examines the European Commission’s Q&A document on the importer requirements of the EU Methane Regulation.

European Payments Council initiates call for interest in VOP scheme services

The European Payments Council (EPC) has issued a call for interest, inviting organisations to express their interest in providing services as routing and/or verification mechanisms (RVM) that comply with the verification of payee (VOP) scheme. The EPC developed the VOP scheme to help payment service providers (PSPs) in the European Union (EU) and the European Economic Area (EEA) comply with new regulatory requirements for payee verification, which will take effect on 5 October 2025. Responses are sought by 20 December 2024.