The European Union is crafting a new cybersecurity law that will establish security obligations for Internet companies that provide digital service platforms, Reuters reported Thursday.
Julia Fioretti writes that the Network and Information Security Directive will require companies such as Cisco and Amazon to implement strict security measures, including a potential breach notification mandate.
The report said the directive initially only covered critical infrastructure companies, particularly in the energy, finance and transportation sectors.
“We’re pleased to see digital service platforms subject to a different regime but we’re disappointed at the lack of recognition that it is the use of cloud that determines the security risk not the service itself,” said Chris Gow, senior manager of government affairs at Cisco, according to the report.
Services included under the directive are cloud computing, search engines, e-commerce and social networks as well as other digital services provided to infrastructure operators, Fioretti reports.
Reuters said EU member states will still meet in September to discuss other preferences and establish their definition of a digital service platform.