The European Union (EU) has agreed to new rules aimed at tackling cybercrime. The announcement, made on 13 May, came after long consultations on the contents of the deal. The updated legislation will be known as NIS2, and aims to increase cooperation and resistance to cyberattacks across EU member states. There are also updated incident reporting obligations, especially for the banking and essential services sectors. This is an update to the previous rules, where countries could choose what they classed as “essential” when reporting incidents. The new legislation instead clarifies the rules, placing responsibility on every critical sector to protect, report, and update authorities at every step.