The proposal for a Directive concerning measures to ensure a high common level of network and information security across the Union was put forward by the European Commission in 2013. Two years later, the Parliament and the Council have agreed on a set of measures to boost the overall level of cybersecurity in the EU.
The new rules will:
Following this political agreement, the text will have to be formally approved by the European Parliament and the Council. Upon publication of the adopted text in the Official Journal, the Member States will have 21 months to implement this Directive into their national laws and 6 months more to identify operators of essential services.
For more information, read the press release.
You can find here the original text of the Directive, as proposed in 2013. The new text will be available once adopted.