- within Technology topic(s)
- with readers working within the Business & Consumer Services industries
- within Technology, Consumer Protection and Antitrust/Competition Law topic(s)
May 2026 – We are pleased to share our updated and extended overview and critical analysis of the European cybersecurity reform, Cybersecurity Act 2.0 (CSA2), now including additional jurisdictions.
This overview examines one of the most significant proposed shifts in the EU’s digital regulatory framework since the adoption of the original Cybersecurity Act. It outlines the key elements of the European Commission’s proposal, including the expansion of ENISA’s mandate, the centralisation of certain cybersecurity competences at EU level, and a harmonised framework addressing “non-technical risks” linked to third-country suppliers.
The analysis also highlights the potential impact of CSA2 on Member States’ sovereignty, public procurement, certification schemes, and the broader business environment, as well as the financial and operational consequences for market participants, particularly in light of the proposed “high-risk vendor” designation and mandatory phase-out requirements.
Through this overview, we aim to provide stakeholders and market participants with a clear understanding of the evolving cybersecurity landscape in the EU, the challenges arising from CSA2, and its potential implications across jurisdictions, with a specific focus on Croatia, Hungary, Austria and Slovakia.
Click on the image below or use the following link to read the full overview in English.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
[View Source]