Network and Information Security (cepPolicyBrief COM2020_823)
cepPolicyBrief

Information Technology

Network and Information Security (cepPolicyBrief COM2020_823)

Philipp Eckhardt
Philipp Eckhardt

Cyber attacks increasingly threaten the security of companies in the European Union, in particular, energy suppliers, oil pipelines and hospitals. The EU Commission therefore wants to improve the level of cyber security, especially for critical infrastructures, and tighten reporting requirements.

cepPolicyBrief

Status

"The economic and societal damage caused by cyber attacks on critical infrastructure facilities is immense. Against this background, the new obligations for companies to also minimise risks in supply chains are appropriate and necessary. However, the measures should be limited to suppliers of IT products and services that are crucial for the continuation of these companies' business activities," says cep cyber expert Philipp Eckhardt, who wrote the cepPolicyBrief.

According to Eckhardt, the new reporting procedures increase legal clarity. In addition, the single-entry point for notifications reduces the administrative burden for notifying entities. "However, the obligation to report incidents within 24 hours could prove too demanding," Eckhardt emphasises.

Download PDF

Network and Information Security (cepPolicyBrief COM(2020)_823) (publ. 06.29.2021) PDF 208 KB Download
Network and Information Security (cepPolicyBrief COM(2020)_823)
Network and Information Security (cepDocument COM(2020)_823) (publ. 06.29.2021) PDF 143 KB Download