CoreTechDaily

EU Proposes Overhaul of Cybersecurity Act to Exclude High-Risk Foreign Entities

The European Commission has proposed revisions to the Cybersecurity Act, aiming to enhance the EU's resilience against cyber threats by excluding high-risk foreign suppliers from critical infrastructure.

Updated Jan 21, 2026
Tags:EU Cybersecurity ActHuaweiZTEcybersecurityHenna VirkkunenNIS2 DirectiveHigh-Risk Suppliers
EU Proposes Overhaul of Cybersecurity Act to Exclude High-Risk Foreign Entities
Andrew Wallace

Andrew Wallace

Professional Tech Editor

Focuses on professional-grade hardware, software, and enterprise solutions.

The European Commission has unveiled plans to revise the Cybersecurity Act, aiming to bolster the EU's defenses against cyber threats targeting essential services and democratic institutions. This initiative responds to the escalating frequency and sophistication of cyberattacks, particularly those attributed to state-backed groups amid rising geopolitical tensions.

Key Aspects of the Proposed Revisions:

  • Exclusion of High-Risk Suppliers: The proposal mandates the gradual removal of telecom equipment from "high-risk" countries within three years. While specific nations are not named, this measure is widely interpreted as targeting Chinese companies like Huawei and ZTE, which have been previously identified as security concerns. (apnews.com)
  • Enhanced Certification Processes: The revision introduces a "cyber-secure by design" approach, streamlining and expediting the certification process for digital products, services, and processes. This aims to ensure that all products reaching EU citizens are secure by design, thereby reducing reliance on suppliers deemed to pose national security risks. (commission.europa.eu)
  • Simplification of Compliance for Businesses: Amendments to the NIS2 Directive are proposed to simplify compliance requirements for approximately 28,700 companies operating within the EU. These changes seek to clarify jurisdictional rules and streamline data collection on ransomware attacks, facilitating a more efficient response to cybersecurity incidents. (digital-strategy.ec.europa.eu)

Implications and Next Steps:

The proposed revisions are subject to approval by the European Parliament and the Council of the EU. Once approved, member states will have one year to implement the changes. European Commission Vice President Henna Virkkunen emphasized the strategic importance of these measures, stating that they are essential to protect EU citizens and infrastructure by fortifying ICT supply chains. (commission.europa.eu)

These developments underscore the EU's commitment to enhancing its cybersecurity resilience and reducing dependence on foreign entities that may pose security risks.

EU's Cybersecurity Overhaul Targets High-Risk Suppliers:

React to this story

Related Posts

Understanding the Risks of Hijacked .arpa Domains in Phishing Scams

Mar 2, 2026

Understanding the Risks of Hijacked .arpa Domains in Phishing Scams

Learn how hackers exploit .arpa domains for phishing attacks, and what you can do to protect yourself.

How Cybercriminals Are Using Women for Social Engineering Scams

Mar 2, 2026

How Cybercriminals Are Using Women for Social Engineering Scams

Discover how cybercriminals are recruiting women to enhance their social engineering scams, offering significant pay and targeting major companies.

Concerns Over Lovable's Malware-Ridden Apps: What Users Need to Know

Mar 2, 2026

Concerns Over Lovable's Malware-Ridden Apps: What Users Need to Know

Lovable's coding service faces accusations of hosting malware, prompting developers to reassess their app security practices.

How Cloud Migration Supports AI Opportunities for Businesses

Mar 1, 2026

How Cloud Migration Supports AI Opportunities for Businesses

Explore the critical steps in cloud migration that enable businesses to leverage AI effectively, including governance and security.