The European Union has increased the number of companies subject to strict cybersecurity rules and increased fines for companies that do not comply with them. When companies ignore the rules, they can expect fines of up to 2 percent of global revenue.
Now that a large proportion of Europe’s population is working from home because of the corona pandemic, cybersecurity is of increasing importance. That is why the EU wants to increase its resistance to cyber threats, Reuters writes.
The proposal aims to extend the existing Cyber Security Act of 2016, also known as NIS, so that it will apply to more companies. This includes medium-sized and large companies in 10 essential sectors. These sectors are energy, transport, banking, financial market infrastructures, health, drinking water, wastewater, digital infrastructure, public administration and space.
Other entities that would be covered are medium and large firms in the branches of postal and courier services, waste management, chemicals, food manufacturing, medical devices, computers and electronics, machinery equipment, motor vehicles and digital providers such as online marketplaces, search engines and social networks.
If companies in these sectors do not abide by the rules, they would face fines ranging from 10 million euros to 2 percent of their global revenue. If a company continues to break the rules, the EU can perform a suspension of authorisation.
Before the proposal is implemented, it must first be assessed by the European Parliament and the EU Member States. This process may take several years.