Industry Committee adopts report on the NIS2 Directive

The Commission initiative on the European Cyber Resilience Act adds to an existing proposal for a Directive on Security of Network and Information Systems, commonly known as the NIS2 Directive. According to the legislative text adopted on 28 October 2021 by the lead European Parliament Committee on Industry, Research and Energy, EU Member States would have to meet stricter supervisory and enforcement measures and harmonise their sanctions regimes.

To recall, the NIS2 Directive will repeal the current NIS Directive, reforming the rules on the security of network and information systems and increasing the level of cyber resilience required of critical public and private sectors. Compared to the existing legislation, the new directive would obligate more entities and sectors to take measures. It also aims to reduce inconsistencies across the internal market by aligning scope, security and incident reporting requirements, national supervision, enforcement, as well as the capabilities of competent authorities.

The Report by rapporteur Bart Groothuis (The Netherlands, Renew Europe) on measures for a high common level of cybersecurity across the Union was adopted with 70 votes to 3, with 1 abstention. MEPs also voted to open negotiations with Council.

Next steps

The negotiating mandate on NIS2 is due to be announced during the European Parliament’s next plenary session on 10 November.

For further information contact Natallia Karniyevich

Sign up for our Connected newsletter for a monthly round-up from our Regulatory & Public Affairs team.

 

 

 

 

 

Latest insights

More Insights
featured image

Taking the EU AI Act to Practice: How the Final GPAI Guidelines Shape the AI Regulatory Landscape

8 minutes Jul 31 2025

Read More
cameras

Connected - July 2025

Jul 30 2025

Read More
Curiosity line green background

June 2025: Australian Sports Law Update

Jul 29 2025

Read More