News

Brussels, 4 May 2018

European Commission Vice-President Andrus Ansip, responsible for the Digital Single Market, Commissioner for Migration, Home Affairs and Citizenship Dimitris Avramopoulos, Commissioner for the Security Union Julian King and Commissioner Mariya Gabriel, in charge of Digital Economy and Society, have issued a statement on the first EU-wide legislation on cybersecurity – the Directive on Security of Network and Information Systems (NIS Directive) that Member States have to transpose into national law by 9 May 2018:

"The adoption of the NIS Directive two years ago was a turning point for the EU's efforts to step up its cybersecurity capacities. Thanks to this first EU cybersecurity law, Member States have strengthened their cooperation for a European cybersecurity policy and are coordinating efforts to build their response capacities. The Commission is working closely with Member States to assist with the Directive's transposition.

To further boost the Union's cybersecurity, the EU should swiftly give a strong and permanent mandate to its Agency for Cybersecurity, the European Union Agency for Network and Information Security (ENISA) and establish an EU framework for cybersecurity certification. Together with Member States we should also complete the joint work on the blueprint for cooperation in the event of large scale cross-border cybersecurity incidents and crises that mainstreams cybersecurity to existing crisis management mechanisms at EU level.

To help Member States rapidly transpose the NIS Directive and build their capabilities, the Connecting Europe Facility (CEF) programme is providing €38 million in funding until 2020 to support national CSIRTs as well as other NIS Directive stakeholders, such as the operators of essential services and digital service providers. Member States should use the opportunities given by this funding source to the fullest."