The package introduces measures to simplify compliance with EU cybersecurity rules and risk-management requirements for companies operating in the EU, complementing the single-entry point for incident reporting proposed in the Digital Omnibus. Targeted amendments to the NIS2 Directive aim to increase legal clarity by simplifying jurisdictional rules, streamlining the collection of data on ransomware attacks and facilitating the supervision of cross-border entities with ENISA's reinforced coordinating role.
You can download the Proposal and its annex below.
Downloads
1. COM(2026) 13 - Directive Proposal for simplification measures and alignment with the Cybersecurity Act
2. COM(2026) 13 - Annex to the Directive Proposal for simplification measures and alignment with the Cybersecurity Act
Related content
Europe faces daily cyber and hybrid attacks on essential services and democratic institutions, carried out by sophisticated state and criminal groups.