Network and Information Security Directive

The Network and Information Security Directive (aka NIS Directive or Cybersecurity Directive) is proposed legislation by the European Commission.

It aims to create a single "competent authority" in each member state to deal with information security issues. In the UK this would likely be some branch of the security services (e.g. OCSIA/CSOC). This would be the authority that security breaches would be reported to, which in turn would decide if the information can be publicly released.

Authorities would also have the power to "issue binding instructions to market operators and public administrations" which would enable them to make demands equivalent to those of the draft Communications Data Bill.

It also requires that each country establish a national CERT. (e.g. CERT-UK.)

See also: European Network and Information Security Agency, Attacks Against Information Systems Directive, Cyber Security Strategy

External links