With the COVID-19 pandemic accelerating digital transformation of the Single Market, the European Commission also speeded up the review of the first piece of European Union (EU)-wide cybersecurity legislation, the NIS Directive. Originally foreseen for May 2021, the Commission presented the review as early as December 2020 together with a Proposal for a NIS2 Directive. Almost in parallel, some Member States strengthened (or adopted) national laws beyond the scope of the NIS Directive to respond adequately to the fast-paced digital threat landscape. Against this backdrop, the article investigates the national interventions in the field of cybersecurity recently adopted by Italy and Germany. In order to identify similarities and divergences of the Italian and German national frameworks with the European Commission’s Proposal for a NIS2 Directive, the analysis will focus on selected aspects extrapolated from the Commission Proposal, namely: i) the enlarged scope; ii) detailed cybersecurity risk-management measures; iii) more stringent supervisory measures; and, iv) stricter enforcement requirements, including harmonised sanctions across the EU. The article concludes that the national cybersecurity legal frameworks under scrutiny already match the core of the proposed changes envisaged by the NIS2 Proposal.

Sandra Schmitz-Berndt, Pier Giorgio Chiara (2022). One step ahead: mapping the Italian and German cybersecurity laws against the proposal for a NIS2 directive. INTERNATIONAL CYBERSECURITY LAW REVIEW, 3(2), 289-311 [10.1365/s43439-022-00058-7].

One step ahead: mapping the Italian and German cybersecurity laws against the proposal for a NIS2 directive

Pier Giorgio Chiara
2022

Abstract

With the COVID-19 pandemic accelerating digital transformation of the Single Market, the European Commission also speeded up the review of the first piece of European Union (EU)-wide cybersecurity legislation, the NIS Directive. Originally foreseen for May 2021, the Commission presented the review as early as December 2020 together with a Proposal for a NIS2 Directive. Almost in parallel, some Member States strengthened (or adopted) national laws beyond the scope of the NIS Directive to respond adequately to the fast-paced digital threat landscape. Against this backdrop, the article investigates the national interventions in the field of cybersecurity recently adopted by Italy and Germany. In order to identify similarities and divergences of the Italian and German national frameworks with the European Commission’s Proposal for a NIS2 Directive, the analysis will focus on selected aspects extrapolated from the Commission Proposal, namely: i) the enlarged scope; ii) detailed cybersecurity risk-management measures; iii) more stringent supervisory measures; and, iv) stricter enforcement requirements, including harmonised sanctions across the EU. The article concludes that the national cybersecurity legal frameworks under scrutiny already match the core of the proposed changes envisaged by the NIS2 Proposal.
2022
Sandra Schmitz-Berndt, Pier Giorgio Chiara (2022). One step ahead: mapping the Italian and German cybersecurity laws against the proposal for a NIS2 directive. INTERNATIONAL CYBERSECURITY LAW REVIEW, 3(2), 289-311 [10.1365/s43439-022-00058-7].
Sandra Schmitz-Berndt; Pier Giorgio Chiara
File in questo prodotto:
File Dimensione Formato  
Schmitz-Berndt-Chiara2022_Article.pdf

accesso aperto

Tipo: Versione (PDF) editoriale
Licenza: Licenza per Accesso Aperto. Creative Commons Attribuzione (CCBY)
Dimensione 641.76 kB
Formato Adobe PDF
641.76 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/891644
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact