[en] Cybersecurity regulation in the EU has long been implemented in a piece- meal fashion resulting in a fragmented regulatory landscape. Recent developments triggered the EU to review its approach which has not resulted in the envisaged high level of cyber resilience across the Union. The paper addresses the EU’s limited mandate to regulate cybersecurity and outlines how the internal market rationale serves as a basis to harmonise cybersecurity legislation in the EU Member States. In that regard, the recent Proposal for a NIS 2.0 Directive (adopted by the European Parliament in November 2022) and the Proposal for a Cyber Resilience Act (published in September 2022) highlight how the EU seeks to align legislation and reduce complexity between different, often sectoral regulatory approaches to cybersecurity, while at the same time extending regulation in a view to achieve a high level of cybersecurity across the EU. As regards the latter, the paper also outlines how the Cyber Resilience Act will complement the NIS 2.0 Directive in order to close existing regulatory gaps.
Disciplines :
European & international law Engineering, computing & technology: Multidisciplinary, general & others Law, criminology & political science: Multidisciplinary, general & others
Author, co-author :
Cole, Mark David ; University of Luxembourg > Faculty of Law, Economics and Finance (FDEF) > Department of Law (DL)
Schmitz, Sandra ; University of Luxembourg > Faculty of Law, Economics and Finance (FDEF) > Department of Law (DL)
External co-authors :
no
Language :
English
Title :
Towards an Efficient and Coherent Regulatory Framework on Cybersecurity in the EU: The Proposals for a NIS 2.0 Directive and a Cyber Resilience Act
