Home / EU Law / Data protection and cybersecurity / Cybersecurity
Powered by Lexis+®
Jurisdiction(s):
European Union

EU Cybersecurity Package 2026: CSA2 introduces trusted ICT supply chain framework, ECCF reform and stronger ENISA; targeted NIS2 changes on risk management, ransomware reporting, certification and cross-border supervision

Copyright © 2026 LexisNexis

Published on: 03 February 2026

Published by a LexisNexis EU Law expert
Legal News
imgtext
Article summary

Background and purpose of the proposal

The existing CSA reinforced the EU Agency for Cybersecurity (‘ENISA’) and established the European Cybersecurity Certification Framework (‘ECCF’) to enable voluntary, EU-wide cybersecurity certification. After NIS2 was adopted in 2022, the EU legislator introduced compulsory cyber risk management and incident reporting duties for critical sectors. In light of escalating cyber threats and geopolitical shifts, the new Cybersecurity Package proposes updates to the CSA and NIS2 to:

  • strengthen the protection of critical Information and Communication Technologies (‘ICT’) supply chains within NIS2 sectors
  • streamline use of EU cybersecurity certifications under the ECCF
  • make NIS2 compliance easier while bolstering ENISA’s cross-border supervision support

What are key changes in the EU Cybersecurity Act 2?

The proposed Revised EU Cybersecurity Act, or EU Cybersecurity Act 2 (‘CSA2’), would fully replace the CSA and introduces the following new elements:

  • ICT supply chain security: the draft CSA2 sets out an EU-level ‘trusted ICT supply chain framework’ to address non-technical supply chain risks for certain NIS2 sectors...

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.
CONTINUE READING

Popular documents

Using the Judicial College Guidelines to assess general damages in personal injury claims

When evaluating a general damages claim, the practitioner ought initially to refer to the Judicial College Guidelines (JCG)...

Read More Right Arrow
Tomlin orders in England and Wales: CPR guidance on drafting, confidentiality, approval, variation, enforcement, limitation, CCA issues, court-specific requirements, sample wording and precedents

This Practice Note This Practice Note reviews mechanisms used in settling litigation. A Tomlin order consists of a consent order paired with a schedule. It operates to stay proceedings on terms that have been agreed. The provisions contained in the schedule may remain confidential. This Practice Note describes the scope of confidentiality attaching to the schedule and sets out how it differs from a standard consent order. Sample wording for a Tomlin order is included, alongside links to precedents, as well as guidance on court approval. It also addresses varying, setting aside and enforcing a Tomlin order, including the considerations the court will take into account when handling applications for each. Further guidance is provided on interpreting and applying the relevant provisions of the CPR; however, some courts and divisions impose very specific requirements for both drafting and approval, and for approaching the schedule and confidentiality issues. Accordingly, you must consider the particular rules and court guide provisions in the forum where your claim is proceeding when drawing up the Tomlin order...

Read More Right Arrow
Precedent: Deed of Surrender of Lease with Optional Premium, Settlement and Release, Landlord, Mortgagee and Guarantor Consents, Reimbursement and HM Land Registry Provisions (England and Wales)

Date [ date ] Parties [ name of Landlord ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Landlord) [ name of Tenant ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Tenant) [ [ name of Guarantor ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Guarantor) ] [ [ name of Mortgagee ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Mortgagee) ] Definitions Within this Deed, the terms below shall be interpreted as follows: [ Annual Rent • the annual sum reserved under the Lease; ] [ Insurance Rent • the Tenant’s share of the Landlord’s costs of insuring the Property (as set out in the Lease); ] Lease • the lease of the Property dated [ date ], entered into between (1) [ the Landlord OR [ name ...

Read More Right Arrow
Precedent Statutory Declaration: Standard Wording under the Statutory Declarations Act 1835

I, [ name ], of [ address ], solemnly and sincerely state that: [ Matters to be verified, set out in numbered paragraphs ] I make this solemn statement in good conscience, believing it to be true, and pursuant to the provisions of the Statutory Declarations Act 1835. DECLARED at [ details ] this [ day ] day of [ month and year ] Before me ................................................................................ [ signature of the person before whom the declaration is made ] A [ commissioner for oaths OR [ solicitor OR [ insert other qualification ] ] authorised to administer oaths ]...

Read More Right Arrow

Discover more from LexisNexis