|Title||The European Approach to Cybersecurity in 2023: A Review of the Changes Brought in By the Network and Information Security 2 (NIS2) Directive 2022/2555|
Artificial intelligence (AI) is revolutionising Banking (FinTech) and Law (RegTech), as well as many other sectors including Charities (CharityTech) and Health (HealthTech). AI is continuing to push the parameters in which it has integrated itself into critical functions, economically and socially. Innovating and embracing the benefit of AI also means having a robust protection system to prevent cybersecurity breaches and/or strikes that seek to damage, destroy, or unlawfully profiteer from those benefits. The purpose of this article is to review the NIS2 and the changes it makes to the European approach to cybersecurity, and the implications for businesses subject to the new rules.
This subject is approached through the analysis of literature, European law, and policy documentation. The article presents with a review of the changes to the current European approach brought in by the NIS2 alongside some other key EU legislation that also came into force in January 2023, a contrast with the UKs evolving position, and concludes with practical suggestions on next steps for businesses as at February 2023.
Several steps are suggested for business to undertake in preparing for full implementation of the NIS2. The work is original because it one of the first to review the changes made by key EU legislation in relation to the European approach to cybersecurity and provides contrast with the UKs position as at February 2023, discuss the likely powers of the competent authority and aspects such what happens in the event other EU law is also breached, for example the GDPR.
|Journal||International Company and Commercial Law Review|
|Journal citation||5, pp. 251-261|
|Publisher||Sweet & Maxwell Ltd.|
|Accepted author manuscript|
CC BY-NC 4.0
File Access Level
Open (open metadata and files)