General approach on the resilience of critical entities adopted by the Council
The Council has approved a general approach on the draft directive on the resilience of critical entities, aiming to reduce the vulnerabilities of the entities that provide essential services in the EU.
If agreed upon, the new directive will require Member States to have a strategy to enhance their resilience, and to carry out an assessment every four years to identify the critical entities providing essential services. The entities themselves will have to identify any relevant risks, take measures in order to ensure their resilience and notify any disruptive incidents to the competent authorities. Moreover, the Commission may be requested to organise advisory missions to assess the measures put in place by critical entities of European significance to meet their obligations.
The general approach adopted by the Council aligns the scope of the proposed directive on critical entities and the proposed directive on measures for a high common level of cybersecurity across the EU (NIS2), a request made by Member States during the discussions on the proposal.
The presidency of the Council will now launch discussions with the European Parliament to pursue an agreement on a final text.
Read the Council’s press release here.