The EC will revise the NIS Directive to include more critical industries.
A strategy built on three pillars: On 16 December 2020, the European Commission presented the new EU Cybersecurity Strategy, which sits on three pillars. The first will involve building a network of Security Operations Centres as a ‘cybersecurity shield' for the EU. The second is about creating a new Joint Cyber Unit, to strengthen cooperation between the EU and Member states, and the third will increase international cooperation through an EU External Cyber Capacity Building Agenda.
The NIS Directive will be revised: The EC proposed a revised version of the Network and Information Systems Directive (NIS 2.0), which will be expanded to new critical sectors of the economy and society. The distinction between operators of essential services and digital service providers will be eliminated.
Member states must complete the adoption of the 5G Toolbox: The EC also reported on the implementation of the 5G Toolbox adopted in March 2019 to reduce dependence on high-risk network vendors. Member states are generally on track to implement the measures in the Toolbox, though the EC called on all EU countries to complete the implementation by Q2 2021.