EU Cyber Security Regulation - from global politics to local implementation

Abstract:

The new cyber security regulation package prepared by the EU is one of its most ambitious and important recent pieces of legislation: just as GDPR changed how every business and organization stored and handled data, NIS 2.0 and the other planned measures will change how every company handles its IT security and thus its business. It is therefore highly relevant for Microsoft and every one of its EU business customers. Microsoft will feel the benefits if the regulation works and encounter serious problems if it is handled badly. Locating the research project at CBS both maximizes its chances of receiving full cooperation from all relevant actors and opens up the possibility of developing a longstanding cooperation in cyber security policy with a world leading computer studies department. By focusing on the most problematic areas (cyber security ratings and supply chain management, SMEs) that might upset the implementation process while assembling knowledge from regulated industries on all other elements of the legislation the project is designed to identify problems and offer workable solutions. Starting it now means it has every chance of achieving a significant impact.