Thoroughly knowledgeable,
very pragmatic and

Chambers Guide


Keep up to date with our latest insight pieces, news and industry developments. See below for the latest posts or use the categories to hone your search for stories of interest.

Rather listen? The WABChats Podcast provides engaging and informative conversations with contacts, clients, advisors and friends of White & Black Limited. Listen Now.

Cyber Security: agreement reached on new EU rules

Political agreement between the European Commission, Parliament and Council has recently been reached on the first EU-wide rules on cyber security.

The Network and Information Security (NIS) Directive (commonly known as the Cyber Security Directive) will require “operators of essential services” in the energy, transport, banking, financial market infrastructure, healthcare and water sectors, and “digital service providers” of search engines, online marketplaces and cloud computing services, to put in place appropriate security measures and to report security incidents to the national authorities. It also aims to improve cyber security measures across the EU, and enhance Member States’ cooperation on such issues, in order to foster the trust and security in the digital economy necessary to achieve a Digital Single Market across the EU.

The NIS Directive was the main proposal under the 2013 EU Cybersecurity Strategy, which identified the following five strategic priorities for tackling cyber threats:

  1. Achieving cyber resilience
  2. Drastically reducing cybercrime
  3. Developing a cyber defence policy and capabilities related to the Common Security and Defence Policy
  4. Developing industrial and technological resources for cyber security
  5. Developing a coherent international cyber space policy for the EU and promote core EU values

Next steps

The draft text of the NIS Directive is now in the final stages of negotiation between the European Parliament and European Council, and will come into force once formally approved. Member States will then have 21 months to implement the NIS Directive into their national laws, and a further 6 months to identify operators of essential services.

Once the final text of the NIS Directive is published, we will provide a detailed update on its key features and business impact.

Link to the European Commission’s press release.

Disclaimer: This article is produced for and on behalf of White & Black Limited, which is a limited liability company registered in England and Wales with registered number 06436665. It is authorised and regulated by the Solicitors Regulation Authority. The contents of this article should be viewed as opinion and general guidance, and should not be treated as legal advice.

This site uses cookies to improve your user experience. By using this site you agree to these cookies being set. To find out more see our cookies policy