EU chief announces cybersecurity law for connected devices –

Good to see lawmakers thinking about smart coffee machines, though I’m unsure of what a pulled pork machine would look like…:

[…] The Commission initiative adds to an existing proposal for a Directive on Security of Network and Information Systems, commonly known as the NIS2 Directive. NIS2 expands the scope of the previous directive, by raising the cyber security requirements for digital services employed in critical sectors of the economy and society.

Bart Groothuis, the lawmaker leading on the NIS2 file in the European Parliament, emphasises the complementarity of the two EU laws. While NIS2 addresses the security of critical supply chains, he says connected devices are a blind spot in the EU cybersecurity arsenal.

“The internet of things will bring about a great deal of unsecured products, because security is often not on top of the mind of the producers of such machines. And there is no European standard yet to be upheld. It’s nice to have a pulled pork machine in your kitchen, or a smart coffee machine, but it is also a way hackers can enter your home IT systems,” Groothuis told EURACTIV.


Original article