The European Commission (EC) is seeking the views of interested parties on its 2016 directive which called for a high level of security for network and information systems across the trading bloc.
The review will include assessing whether cybersecurity has improved across the EU, identifying existing and emerging issues, and quantifying regulatory costs and benefits.
“Digital transformation creates opportunities, but can also threaten our economy and society,” the commission said. “Despite progress under EU rules, cybersecurity capabilities across the EU remain unequal, with insufficient protection against cyber threats.”
As a first stage there is open public feedback to 13 August, followed by public consultation in the third quarter and EC adoption of the conclusions by the end of the year.