European Union: Announced EU-US Initiative to Compare Cyber Incident Reporting Frameworks

On 20 March 2024, the US Department of Homeland Security (DHS) and the European Commission's Directorate General for Communications, Networks, Content, and Technology (DG CONNECT) announced an initiative to compare cyber incident reporting elements that will inform cyber incident reporting requirements by the US and European Union (EU) under the NIS 2 Directive of the EU. The joint report developed by DHS and DG CONNECT provides a comparative assessment and factual overview of recommendations from the US Cyber Incident Reporting Council and the 2023 DHS report on Harmonization of Cyber Incident Reporting to the Federal Government and EU's Directive 2022/2555 on measures for a high level of cybersecurity across the Union (NIS 2 Directive) by identifying the main similarities and divergences. The findings in this report will help inform DHS's and DG CONNECT's approach to evaluating cyber incident reporting processes in the future.