News brief

EDPB and EDPS Back Stronger EU Cybersecurity Rules While Guarding Personal Data

Published March 19, 2026 GRC

Summary: EDPB and EDPS issued a joint opinion on the Commission’s CSA2 and NIS2 proposals, arguing the EU can streamline cybersecurity obligations without diluting core personal-data protections.

Why it matters: This matters if it changes compliance expectations, enforcement posture, or the practical workload for teams that have to translate guidance into controls, evidence, and operating process.

What to watch: Watch for follow-on implementation guidance, regulator clarification, enforcement movement, or changes in how larger organizations operationalize the requirement.

Source: EDPB

More briefings

EDPB and EDPS Back Stronger EU Cybersecurity Rules While Guarding Personal Data

Related news

EDPB Sharpens Research Guidance and Speeds Up Anonymisation Work

NIST Publishes Hardware Security White Paper on Firmware-Based Monitoring

FTC Targets Noncompete Agreements in Pest Control Enforcement Action