Cybersecurity

Copyright © 2025 LexisNexis

The importance of implementing cybersecurity measures has been highlighted in recent years by high profile security failures involving the internet, the technology, and the services which support and make use of it. Against this backdrop, cybersecurity is of growing significance both to businesses and individuals. 

On 16 December 2020, the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy presented an EU Cyber Security Strategy. This strategy covers the security of essential services in the EU (eg hospitals, energy grids and railways) but also the security of connected objects in homes, offices and factories. The strategy focuses on building collective capabilities to respond to major cyber attacks and working internationally to ensure international security and stability in cyberspace.

Key EU cybersecurity initiatives include the EU Cybersecurity Act, the Digital Operational Act (DORA), the NIS 2 Directive, the EU Critical Entities Resilience Directive (CER Directive), the EU Cyber Security Regulation, the EU Cyber Resilience Act and the EU Cyber Solidarity Act.

Practice Note: EU Cybersecurity initiatives tracker tracks the key steps of legislative initiatives on cybersecurity in the EU.

Practice

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

Existing user? Sign-in TAKE A FREE TRIAL
Powered by Lexis+®
Latest EU Law News

Opera’s Edge dispute raises key question: Who can challenge EU DMA decisions?

MLex: Web browser Opera's challenge to the European Commission over its refusal to designate Microsoft's Edge as a digital 'gatekeeper' was heard in court this week. It delved into the thorny question of who can challenge the regulator's Digital Markets Act decisions: The law doesn't specify any official status for third parties, despite the commission relying on them to inform its decisions. The outcome of the appeal will be significant for companies that operate in the shadows of the biggest platforms.

EU Commission eyes changes to how AI law covers sector regulated products

MLex: The European Commission is considering changes to how products regulated under EU sectoral product safety laws are covered by the EU’s AI law as part of its wider drive to streamline digital regulations, MLex has learned. The move, which is being considered as part of a digital ‘omnibus’ package due 19 November 2025, could ease obligations for sectors such as medical devices and industrial machinery.

EBA publishes CRR final draft RTS on CVA risk of securities financing transactions

The European Banking Authority (EBA) has published its final draft regulatory technical standards (RTS) made under ​Article 382(6) of the Capital Requirements Regulation (Regulation (EU) No 575/2013) (CRR) specifying the conditions and criteria for assessing whether credit valuation adjustment (CVA) risk exposures arising from fair-valued securities financing transactions (SFTs) are material. The RTS also define the frequency of this assessment.

Commission establishes Digital Commons European Digital Infrastructure Consortium

The European Commission has adopted a decision establishing the Digital Commons European Digital Infrastructure Consortium (DC-EDIC), a new legal instrument enabling Member States to jointly develop, deploy and operate cross-border digital infrastructures with dedicated governance and legal personality. DC-EDIC will have its statutory seat in Paris, with France, Germany, the Netherlands and Italy as founding members, while other Member States may join under fair and reasonable terms. The consortium's governance structure comprises an Assembly of Members, a Director for day-to-day management, and an Advisory Board for strategic orientations. Legal requirements include GDPR-compliant data practices with arrangements for investigating security breaches, default release of jointly developed software under Free and Open-Source licences, and procurement following non-discrimination principles. The consortium is scheduled for official launch in December 2025, with planned milestones including recruitment of the Director and founding team, launch of a DEP support project, and delivery by 2027 of a One-Stop-Shop and Expertise Hub, Digital Commons Forum and Award, and an annual State of the Digital Commons report.

View EU Law by content type :
News
Practice notes
Precedents
Q&As

Popular documents

Late payment penalties—inheritance tax

Late payment penalties—inheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT—payment deadlines on death—Interest on IHT and Interest on late paid

Strike out—making an application to strike out a statement of case

Strike out—making an application to strike out a statement of caseA strike out order can be made either following an application by the parties or on the court's own initiative. This Practice Note deals with the scenario of the order being made following a party's application.Making an application

Glossary—Latin legal terms

Glossary—Latin legal termsDespite attempts in recent years to simplify the language used in legal cases, there are still a number of Latin phrases commonly used in personal injury claims. The following Latin phrases are listed in alphabetical order:Latin

Template for regulatory references given by SMCR firms and disclosure requirements

Template for regulatory references given by SMCR firms and disclosure requirements[Insert addressee details]Dear [insert name][It is our understanding that [insert name of prospective employee] [was an employee of yours between the dates of [insert dates as appropriate] OR is a current employee of
Late payment penalties—inheritance tax

Late payment penalties—inheritance tax

Late payment penalties—inheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT—payment deadlines on death—Interest on IHT and Interest on late paid

Strike out—making an application to strike out a statement of case

Strike out—making an application to strike out a statement of case

Strike out—making an application to strike out a statement of caseA strike out order can be made either following an application by the parties or on the court's own initiative. This Practice Note deals with the scenario of the order being made following a party's application.Making an application

Glossary—Latin legal terms

Glossary—Latin legal terms

Glossary—Latin legal termsDespite attempts in recent years to simplify the language used in legal cases, there are still a number of Latin phrases commonly used in personal injury claims. The following Latin phrases are listed in alphabetical order:Latin

Template for regulatory references given by SMCR firms and disclosure requirements

Template for regulatory references given by SMCR firms and disclosure requirements

Template for regulatory references given by SMCR firms and disclosure requirements[Insert addressee details]Dear [insert name][It is our understanding that [insert name of prospective employee] [was an employee of yours between the dates of [insert dates as appropriate] OR is a current employee of