On Thursday 17 October, the European Commission adopted new implementing rules for the cybersecurity of critical entities and networks, as part of the revised directive on network and information security (NIS2 Directive).
These new rules, set out in an implementing act, detail cybersecurity risk management measures and the cases in which an incident should be considered significant and companies providing digital infrastructures and services should report it to the national authorities.