Since 2019, there have been more cyber-related risks in the European region due to a variety of factors, including the growth of vulnerabilities disclosed, the scale and spread of cybersecurity attacks, malware and ransomware, the COVID-19 crisis's push for digitalization, and Russia's aggression in Ukraine. To further increase the level of cyber resilience for important sectors across the Union, the network infrastructure security directive (NIS) has been revised. In accordance with the new regulation, organizations that fall under its purview must set up a governance for risk management, implement a broad range of cybersecurity measures, address supply chain risks, and report incidents and threats that could disrupt services in a way that jeopardizes the public's safety, security, health, or economy.
