EU Introduces Cybersecurity Act 2 for 2026 to Expand Certification and Strengthen Digital Resilience

The European Commission has presented the Cybersecurity Act 2, scheduled for 2026, which extends certification to managed services and the security posture of organizations. This revision introduces measures to reduce risks related to the supply chain, including "key ICT assets" and high-risk suppliers. The initiative aims to bolster the EU's digital resilience in the face of growing threats.