The European Parliament on Thursday approved new cybersecurity regulations that require European Union member states to adopt stricter standards for the supervision and implementation of cybersecurity measures and extend the measures to «essential» sectors such as energy, healthcare and banking.
The new legislation, adopted with 577 votes in favor, six against and 31 abstentions, establishes cybersecurity conditions for companies, administrations and infrastructures and comes in the midst of a wave of attacks on critical infrastructure in the EU, including the sabotage of the Nord Stream gas pipeline at the end of September.
Cybersecurity measures will be more stringent in terms of risk management, reporting and information sharing and more entities and sectors will have to take steps to protect themselves from cyber threats.
Among the key sectors covered by the new provisions of the standard are energy, transport, banking, health, digital infrastructure, public administration and Space. In the negotiations, the European Parliament has managed to set «clear and precise» rules also for corporations and pushed to include as many government and public bodies as possible within the scope of the directive.
According to the rapporteur, Dutch Liberal Bart Groothuis, the regulation strengthens security control over 160,000 entities, with the aim of making Europe «a safe place to live and work», and he said that it will make it possible to share information with the private sector. «If we are being attacked on an industrial scale, we must respond on an industrial scale,» he said.
