Legal experts have warned organizations in certain highly regulated industries that they could be fined twice under new EU security laws with huge maximum penalties.
The GDPR has received most press since it was introduced at the end of May, but for operators of essential services (OES) and digital service providers (DSPs), there’s also a second piece of legislation to consider: the EU directive on the Security of Networks and Information Systems (NIS Directive), introduced a few weeks previously.
This means a serious breach could result in two fines for organizations in energy, health, transport, water and “digital infrastructure” sectors — i.e. providers of certain cloud and search, services and online marketplaces.
By Phil Muncaster
To read the full article click here.