
New Video from @NoLimitSecu Discusses Recent Cybersecurity Regulations
In this episode of the weekly French-language podcast dedicated to cybersecurity, NoLimitSecu contributors Reina, Marc-Antoine, Nicolas, Hervé, and Paul discuss recent cybersecurity regulations. They cover several European directives and regulations, including NIS 2, DORA, the Cyber Resilience Act (CRA), the directive on product liability, the Cyber Solidarity Act, and the revision of the Cyber Security Act.

NIS 2: The NIS 2 directive, revised in 2022, aims to establish a minimum level of cybersecurity maturity for various sectors and companies. It imposes specific security measures, such as access control, encryption, crisis management, and incident notification. The contributors emphasize the importance of the transposition of this directive by Member States, although some countries, like Denmark, are lagging behind. They also discuss the practical implications for companies, particularly the importance of focusing on implementing security measures and following the national transposition process.

DORA: DORA, or Digital Operational Resilience Act, is a regulation specific to financial entities, including banks, insurance companies, and crowdfunding platforms. It imposes strict cybersecurity requirements, with detailed measures and notification obligations. The contributors note that DORA is more complex and detailed than NIS 2, which can pose challenges for financial entities.

Cyber Resilience Act (CRA): The CRA is a regulation aimed at strengthening the cybersecurity of products and services with digital components. It imposes security requirements for connected products, such as smart glasses, servers, and smart fridges. The contributors discuss the practical implications for manufacturers and service providers, highlighting the importance of compliance and the penalties for non-compliance.

Directive on product liability: This directive, which replaces a 1985 version, extends legal liability to connected products, including antivirus software and servers. It allows consumers to hold manufacturers accountable in case of non-compliance. The contributors discuss the implications for companies, including the need to comply with security requirements and manage legal risks.

Cyber Solidarity Act: This regulation aims to create a European mechanism for responding to cyber threats and incidents. It imposes requirements for detection, preparation, and collective reaction. The contributors discuss the challenges of implementation and the implications for cooperation between Member States.

Revision of the Cyber Security Act: The 2019 revision of the Cyber Security Act aims to strengthen the mandate of ENISA, the European cybersecurity agency, and to establish common certification criteria for products and services. The contributors discuss the implications for companies and Member States, highlighting the importance of certification and standardization.

ePrivacy: The proposed ePrivacy regulation, which was supposed to replace the directive of the same name, has been abandoned. The contributors discuss the implications for the protection of personal data and cookies, highlighting the challenges of consumer protection in the digital context.

In conclusion, the contributors emphasize the importance of cybersecurity and compliance with regulations for companies. They encourage companies to prioritize security and request adequate budgets for implementing the necessary measures.

For more information, watch the full video: https://www.youtube.com/watch?v=ER-_p9BCRJg