Creating New Laws – But will they work or hurt?
The EU Parliament is working towards a Network and Information Security Directive (NIS) which is planned to be finalized soon and turned into a Law!
The NIS will be part of and an extension of the General Data Protection Regulation (GDPR).
Both of these new directives have several sticking points but especially sticky is who will be affected and what will be mandated by these new directives/laws.
Recently we got a better definition of the Parliaments direction but no conclusion on who will be included in these new laws!-
Members of the European Parliament only wanted the NIS Directive to cover critical infrastructure, but the EU Commission thought the Directive should have a wider scope, cover relevant Internet services and breach information.
The year 2015 should be remembered as the year of Cyber laws as the U.S. Government is also passing more (weak) laws and mandating more governmental departmental coverage of breaches and more fines, not helping just fining more$. Plus almost every state in the U.S. is passing new laws trying to protect the individual citizen but I am afraid that 2015 may be in the history books as one of the worst years for breaches and the number of citizens information that was affected. At the rate we are going in 2015, soon the hackers and China/Russia will have all the data on every U.S. citizen, even on every military and governmental employee and every secret project! Know thy enemy is a real threat and we seem to be helpless in stopping all these very damaging attacks!