Cullen International is tracking the progress made by the 27 EU member states in transposing the directive on measures for a high common level of cybersecurity across the EU (NIS2). EU member states have until 17 October 2024 to transpose the NIS2, which replaces the existing NIS Directive.
After Croatia and Hungary, Belgium is the third country that transposed the NIS2 Directive into national law.
Moreover, draft transposition laws were published in most EU member states (17 in total), for example Germany, the Netherlands, Sweden. In Finland and Luxemburg, the draft laws were submitted to parliament.
The NIS2 sets out cybersecurity risk-management and reporting obligations for large and medium-sized entities operating in critical sectors in the EU (e.g. telecoms, cloud).
For more information on the benchmark and Cullen's complete NIS2 coverage, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.
more news
17 April 25
Four-fifths of European mobile operators partially or completely sold their towers
Our latest benchmark analyses the business models adopted in 23 European countries, whether tower companies are registered under the general authorisation regime and if governments adopted specific legislation to stop foreign takeover of tower companies.
16 April 25
10 latest national developments in European telecoms regulation
Significant regulatory developments have recently taken place across Europe, particularly in the areas of fixed wholesale regulation and spectrum policy.
14 April 25
[INFOGRAPHIC] EU AI Act timeline
Our timeline outlines the milestones in the implementation of the Artificial Intelligence Act (AI Act) until August 2027.