23 Jun 2026 NIS2 – Simplification without Compromising Cybersecurity
Eurosmart Recommendations on the Proposal Amending Directive (EU) 2022/2555 (NIS2)
Eurosmart welcomes the Commission’s proposal to simplify and improve the implementation of Directive (EU) 2022/2555 (NIS2) in line with the CSA 2 proposal and supports the objective of reducing unnecessary regulatory burden while maintaining a high level of cybersecurity across the Union.
The proposal contains several positive elements, including the introduction of post-quantum cryptography in national cybersecurity strategies, the recognition of cyber posture certification schemes, and the adaptation of scope criteria for certain categories of entities.
At the same time, several provisions would benefit from clarification or adjustment in order to preserve legal certainty, avoid unintended consequences and ensure that simplification efforts do not weaken cybersecurity or create inconsistencies with other Union legislation.
Eurosmart therefore proposes targeted amendments in six key areas:
- Digital Identity and Trust Services;
- Cybersecurity Certification;
- Post-Quantum Cryptography;
- Supply Chain Security;
- Scope and Harmonisation of NIS2;
- Governance, Reporting and ENISA Registry.
