Cybersecurity

The importance of implementing cybersecurity measures has been highlighted in recent years by high profile security failures involving the internet, the technology, and the services which support and make use of it. Against this backdrop, cybersecurity is of growing significance both to businesses and individuals. 

On 16 December 2020, the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy presented an EU Cyber Security Strategy. This strategy covers the security of essential services in the EU (eg hospitals, energy grids and railways) but also the security of connected objects in homes, offices and factories. The strategy focuses on building collective capabilities to respond to major cyber attacks and working internationally to ensure international security and stability in cyberspace.

Key EU cybersecurity initiatives include the EU Cybersecurity Act, the Digital Operational Act (DORA), the NIS 2 Directive, the EU Critical Entities Resilience Directive (CER Directive), the EU Cyber Security Regulation, the EU Cyber Resilience Act and the EU Cyber Solidarity Act.

Practice Note: EU Cybersecurity initiatives tracker tracks the key steps of legislative initiatives on cybersecurity in the EU.

Practice

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

Powered by Lexis+®
Latest EU Law News

EU adopts regulation streamlining financial services reporting requirements

The European Parliament and Council have adopted Regulation (EU) 2025/… of 8 October 2025 amending Regulations (EU) No 1092/2010, (EU) No 1093/2010, (EU) No 1094/2010, (EU) No 1095/2010, (EU) No 806/2014, (EU) 2021/523 and (EU) 2024/1620 regarding reporting requirements in financial services and investment support (otherwise known as the Better Data Sharing Regulation). The regulation introduces new information sharing obligations between EU financial authorities including the European Supervisory Authorities (ESAs), European Systemic Risk Board (ESRB), Single Resolution Board (SRB), European Central Bank (ECB) and the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA), implementing a 'report once' principle whereby authorities must request information from other authorities rather than directly from financial institutions where possible. The regulation requires European Supervisory Authorities (ESAs) to prepare a feasibility study for a cross-sectoral integrated reporting system within 60 months, establish a permanent single contact point for reporting duplicative requirements, and grants authorities discretionary powers to share anonymised information with researchers for innovation purposes. The regulation also changes InvestEU Programme reporting frequency from biannual to annual and mandates authorities to review and propose removal of redundant reporting requirements within 24 months.

View EU Law by content type :

Popular documents