On January 20, 2026, the European Commission presented an updated package of proposals on cybersecurity, known as Cybersecurity Act 2.0, with the aim of strengthening the common European framework in the face of increasingly complex cyber threats.

The initiative aims to consolidate coordination at EU level by promoting a more consistent approach to risk management across the digital supply chain.

Among the most significant measures, the package provides for a strengthening of measures relating to high-risk suppliers. More binding rules are proposed, accompanied by the setting of a deadline of 12 months for their removal from networks.

Taken together, the measures aim to reduce regulatory fragmentation, increase the resilience of digital infrastructure, and strengthen confidence in the Digital Single Market, contributing to technological sovereignty and long-term European competitiveness.