EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

European cyber security law in 2023: A review of the advances in the Network and Information Security 2 Directive 2022/2555

Charanjit Singh
Additional contact information
Charanjit Singh: Holborn Chambers, UK

Cyber Security: A Peer-Reviewed Journal, 2023, vol. 7, issue 1, 82-92

Abstract: Cyber security capabilities must be designed to mitigate attacks and threats to key network and information systems and ensure continuity in service provision, contribute to the security and effective functioning of economies and societies, and the Network and Information Security 2 Directive (NIS2) seeks to strengthen the European Union (EU) approach to this. Advances in artificial intelligence (AI) have revolutionised industries including banking (FinTech), law (RegTech), insurance (InsureTech), charities (CharityTech) and health (HealthTech). The EU understands this and has therefore introduced the requirement for member states to embrace AI, as a cyber security tool used to protect against and prevent cyber security attacks/threats. The purpose of this paper is to review the NIS2 and the changes it makes to the European approach to cyber security including the use of AI, and the implications for businesses subject to the new rules. The subject is explored through an analysis of literature, EU law and policy documentation. This paper critically reviews a significant advent in European cyber security and technology law: the advances created by the NIS2 Directive, which are considered alongside other key legislation that came into force in January 2023. In addition, the UK’s contrasting evolving position is also critically reviewed. The paper concludes with several practical suggestions on the, if any, steps for businesses as at April 2023. The NIS2 makes some significant inroads to close security gaps that existed in the EU cyber security-related legislative framework; importantly, it creates a requirement for the use of AI in the EU’s cyber security defence armoury. Businesses need to undertake several steps in preparation for full implementation of the NIS2. This research is among the first to review key advances made in EU cyber security and technology law, and to contrast that with the UK position as at April 2023. It is also the first to discuss the likely powers of competent authorities, and the potential results of breaching other EU legislation such as the General Data Protection Regulation (GDPR).

Keywords: cyber security; artificial intelligence; EU law; NIS2; cyberthreat; UK law (search for similar items in EconPapers)
JEL-codes: M15 (search for similar items in EconPapers)
Date: 2023
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/8051/download/ (application/pdf)
https://hstalks.com/article/8051/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2023:v:7:i:1:p:82-92

Access Statistics for this article

More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:aza:csj000:y:2023:v:7:i:1:p:82-92