Brussels is edging closer to new information security regulations.
New cyber-security regulation will force key companies to adopt risk-management practices and report major security breaches to the authorities, according to the European Commission.
The Network and Information Security Directive, though proposed in 2013, is in the final stages of approval in Brussels between the European parliament and council.
The directive will affect companies in the energy, transport, banking and health sectors. Internet service providers could be included too, but the extent to which they will
For thoughtful journalism, expert insights on corporate governance and an extensive library of reports, guides and tools to help boards and directors navigate the complexities of their roles, subscribe to Board Agenda