The progress of digital transformation has inevitably led to new cybersecurity threats. Also the COVID19 crisis has again exposed the cyber vulnerabilities of some critical sectors, in particular healthcare, while teleworking and social distance has increased our dependency on digital technologies and connectivity.
As a consequence, in December 2020 the European Commission launched a new EU Cybersecurity Strategy to make physical and digital critical entities more resilient.
The European Parliament and the Coucil reached a deal on May 2022 on the new rules to strengthen EU-wide resilience
The agreed text sets tighter cybersecurity obligations in terms of risk management, reporting obligations and information sharing. The requirements include incident response, supply chain security, encryption and vulnerability disclosure, among other provisions.