28/11/2022 (Agence Europe) – On Monday 28 November, the Council of the EU formally adopted the revised ‘NIS 2’ directive, which aims to achieve a common high level of cybersecurity throughout the EU. The text provides for stricter obligations in the cybersecurity sector in terms of risk management, reporting and information sharing. Sectors defined as ‘essential’, such as energy, transport and public administration, are now covered by the directive. The text also establishes a framework for improved cooperation between different authorities and Member States and creates a European database on vulnerabilities. The provisional political agreement reached by the Council of the EU and the European Parliament (see EUROPE 12952/1) was approved by MEPs on 10 November (see EUROPE 13061/12). Member States will have 21 months from the entry into force of the directive to transpose it into national law. (TM)