The EU NIS Directive and UK NIS Regulations—timeline
The EU NIS Directive and UK NIS Regulations—timeline

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • The EU NIS Directive and UK NIS Regulations—timeline
  • Key developments

This timeline sets out key dates and information relating to:

  1. the EU’s Network and Information Systems Directive (NIS Directive), Directive (EU) 2016/1148—also known as the ‘Cybersecurity Directive’ or ‘Network and Information Security Directive’

  2. the UK’s Network and Information Systems Regulations 2018 (NIS Regulations), SI 2018/506

It includes strategy documents, consultations, progress reports as well as opinions and guidance issued by a range of organisations on the development of the NIS Directive and NIS Regulations.

For more information, see Practice Notes:

  1. The Network and Information Systems Regulations 2018

  2. Cybersecurity breach notification requirements

Key developments

DateInstitutionSummary
31 December 2020EU and UKEnd of the Brexit implementation (or ‘transition’) period: the Cybersecurity Directive ceases to apply in the UK. NIS Regulations continue to apply in the UK (as amended by Brexit legislation). See Practice Note: Brexit—cybersecurity.

Other reforms to NIS Regulations: the Network and Information Systems (Amendment and Transitional Provision etc) Regulations 2020, SI 2020/1245 also come into force.
17 December 2020European CommissionCommission publishes proposals for reform of the NIS Directive (see: LNB News 17/12/2020 73) and a Cybersecurity Strategy (see: LNB News 17/12/2020 91).
10 November 2020ParliamentThe Network and Information Systems (Amendment and Transitional Provision etc) Regulations 2020, SI 2020/1245 laid before Parliament. They come into force on 31 December 2020.
10 November 2020Department for Digital, Culture, Media & Sport (DCMS)DCMS published a response to the call

Popular documents