European Union: Opened consultation on Implementing Regulation for EU NIS 2 Directive concerning ybersecurity risk management and reporting obligations for digital infrastructure, providers and ICT service managers

On 27 June 2024, the European Commission opened a consultation until 25 July 2024 on the implementing regulation laying down the rules for the application of Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS 2 Directive). In particular, the regulation outlines the technical and methodological requirements of cybersecurity risk-management measures. Furthermore, it specifies the cases in which an incident is considered to be significant with regard to DNS service providers, TLD name registries, cloud computing service providers, data centre service providers, content delivery network providers, managed service providers, managed security service providers, providers of online market places, of online search engines and of social networking services platforms, and trust service providers.