Document Actions

Most EU businesses unclear on latest cyber security laws

Computer Weekly - Most businesses in the UK, France and Germany feel guidelines to achieve compliance with new European Union cyber security legislation are unclear, a study has revealed.

A third of organisations polled also do not understand the impact of the coming cyber security legislation, according to a study by security firm FireEye.

The study assessed respondents’ understanding and expectations of the proposed Network and Information Security (NIS) and General Data Protection Regulation (GDPR) legislation.

The GDPR is set to be finalised in early 2015, with compliance becoming mandatory in 2017.

The NIS directive – set to be implemented this year – will impose new security and incident reporting requirements on a broader range of private sector companies.

The study shows that many organisations in Europe are unprepared for the changes and are challenged by the cost and complexity of complying with new EU data security legislation.