United Kingdom (and EU regulation)

New EU Cybersecurity Strategy and new rules to make physical and digital critical entities more resilient

On 16 December 2020, the European Commission published a new EU cybersecurity strategy.

Key components of the strategy include:

A proposed Directive on measures for a high common level of cybersecurity across the EU (revised NIS Directive or ‘NIS 2′), in order to increase the level of cyber resilience of critical public and private sectors.
The launch of a network of security operations centres across the EU, powered by artificial intelligence (AI), which will constitute a real ‘cybersecurity shield’ for the EU, able to detect signs of a cyberattack early enough and to enable proactive action, before damage occurs.
The creation of a new joint cyber unit, to strengthen cooperation between EU bodies and Member State authorities responsible for preventing, deterring and responding to cyber-attacks, including civilian, law enforcement, diplomatic and cyber defence communities.
A proposed Critical Entities Resilience Directive which expands both the scope and depth of the 2008 European Critical Infrastructure Directive.