European Union: Cybersecurity regulation in Proposal for a Regulation on the European Union Agency for Cybersecurity (ENISA), the European cybersecurity certification framework, and ICT supply chain security (The Cybersecurity Act 2)
Progress
Current status
under deliberation
20 Jan 2026 under deliberation
Scope
Implementers
Austria
Belgium
Bulgaria
Croatia
Cyprus
Czechia
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Government Branch
executive
Government Body
central government
Implementation Level
supranational
Timeline of events
European Commission submitted Proposal for a Regulation on the European Union Agency for Cybersecurity (ENISA), the European cybersecurity certification framework, and ICT supply chain security (The Cybersecurity Act 2) including cybersecurity regulation
On 20 January 2026, the European Commission submitted the Proposal for a Regulation of the European Parliament and of the Council on the European Union Agency for Cybersecurity (ENISA), the European cybersecurity certification framework, and ICT sup…
SourceEvent type
law
Action type
introduction
Government branch
executive
Government body
central government