First EU-wide cybersecurity rules: the NIS Directive

Research output: Other contributionScientific


The recently adopted Directive (EU) 2016/1148 of the European Parliament and the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union is a landmark development as the first EU-wide cybersecurity rules. The paper analyses the Directive’s central provisions. These include establishing Computer Security Incident Response Teams (CSIRTs) to promote effective operational cooperation on incidents and sharing information about risks; collaboration among the Member States to set up a Cooperation Group for strategic cooperation; and the requirements on operators of essential services and digital service providers to take appropriate security measures and to notify serious incidents to relevant authorities. The paper concludes with an assessment on how well it can be expected to deliver the demands set upon it, and in particular the security needs of the Industrial Internet, also called Industry 4.0.
Original languageEnglish
Number of pages5
Publication statusPublished - 6 Sept 2016

Publication series

NameDisruption Briefs
PublisherAalto University
ISSN (Electronic)2343-371X


Dive into the research topics of 'First EU-wide cybersecurity rules: the NIS Directive'. Together they form a unique fingerprint.

Cite this