EU Cybersecurity Resilience Strengthened by New European Commission Measures – InfoCons Consumer Protection Informs You
Cyber threats have become a daily reality for Europe, targeting essential services, businesses, and democratic institutions. These attacks, often carried out by highly organised criminal networks or state-backed actors, are growing in complexity and impact. In response to this evolving risk landscape, the European Commission has presented a new cybersecurity package aimed at reinforcing the European Union’s resilience and defensive capabilities.
This initiative marks an important step toward ensuring that Europe’s digital infrastructure remains secure, trustworthy, and prepared for future cyber and hybrid threats.
InfoCons Consumers Protection Informs You – Artificial Intelligence & the Manipulation of Human Perception – InfoCons Consumer Protection in Cybersecurity
Strengthening the Security of EU ICT Supply Chains
A central pillar of the proposed package is the revision of the EU Cybersecurity Act, with a strong focus on securing Information and Communication Technologies (ICT) supply chains. Recent cyber incidents have exposed vulnerabilities in these supply chains, which are critical to the functioning of energy networks, transport systems, healthcare services, and other essential sectors.
The revised framework introduces a harmonised, risk-based approach that allows the EU and its Member States to jointly assess and mitigate risks linked to suppliers, including dependencies on high-risk third-country providers. In today’s geopolitical context, cybersecurity is no longer only about technical flaws—it also involves addressing risks related to foreign interference and strategic dependencies.
Reducing Risks in Mobile and Critical Network Infrastructure
Building on existing work under the 5G security toolbox, the updated Cybersecurity Act will enable the mandatory derisking of European mobile telecommunications networks. This measure is designed to protect critical infrastructure by limiting exposure to suppliers that pose significant cybersecurity concerns.
By coordinating actions across 18 critical sectors, the EU aims to balance security needs with economic considerations and market stability, ensuring continuity of supply while reducing systemic risks.
A Simpler and Stronger Cybersecurity Certification Framework
Another key element of the proposal is the enhancement of the European Cybersecurity Certification Framework (ECCF). The revised system is intended to ensure that digital products and services entering the EU market are secure by design, while also making certification faster and more accessible.
Under the new rules, certification schemes would typically be developed within 12 months, supported by clearer procedures and more transparent governance. Stakeholders will be more closely involved through structured consultations and improved access to public information.
For businesses, certification will remain voluntary but highly practical—helping demonstrate compliance with EU rules while reducing administrative costs. For consumers and public authorities, the framework will increase trust in complex digital supply chains.
InfoCons Consumers Protection Informs You – The Theme of World Intellectual Property Day 2026 is “ Choose Original , Choose Safe ! Ready, Set, Innovate ! ” – InfoCons Consumers Protection
Making Compliance Easier for Companies Across the EU
The cybersecurity package also includes measures to simplify compliance with existing EU cybersecurity legislation. Targeted amendments to the NIS2 Directive are designed to clarify legal obligations and reduce unnecessary burdens, particularly for smaller businesses.
These changes are expected to ease compliance for nearly 28,700 companies, including thousands of micro and small enterprises. A new category of small mid-cap enterprises will further reduce regulatory costs, while streamlined jurisdiction rules and improved ransomware reporting will enhance cross-border supervision and cooperation.
Empowering ENISA to Respond to Cyber Threats
Since 2019, the European Union Agency for Cybersecurity (ENISA) has become a central player in Europe’s cybersecurity ecosystem. The revised Cybersecurity Act significantly expands its role, enabling the agency to support Member States in understanding threats, preparing responses, and managing cyber incidents.
ENISA will issue early warnings on emerging cyber risks, support companies in responding to ransomware attacks in cooperation with Europol and national response teams, and develop a coordinated EU approach to vulnerability management. The agency will also operate the future single-entry point for incident reporting, improving efficiency and information sharing.
Building Cybersecurity Skills for the Future
In addition to operational support, ENISA will continue investing in Europe’s cybersecurity workforce. This includes piloting the Cybersecurity Skills Academy and creating EU-wide skills attestation schemes, helping address the growing demand for qualified cybersecurity professionals across sectors.
InfoCons Consumers Protection Informs You – Shopping Addiction ? Alerts Concerning Hyundai Vehicles ! Choose Safely with the InfoCons Consumer Protection App !
Next Steps Toward Implementation
Once approved by the European Parliament and the Council of the EU, the revised Cybersecurity Act will apply immediately. The accompanying amendments to the NIS2 Directive will require Member States to transpose the rules into national law within one year, ensuring consistent implementation across the Union.
With this new cybersecurity package, the European Commission sends a clear signal: digital security is a strategic priority for the EU. By strengthening supply chain security, simplifying certification and compliance, and empowering ENISA, the Union is reinforcing trust in its digital ecosystem while preparing for future threats.
InfoCons informs you so you can better understand how EU cybersecurity policies protect citizens, businesses, and essential services in an increasingly connected world.
Source : European Commission
Signature : InfoCons Cybersecurity Department