1st Edition

Cybersecurity and EU Law Adopting the Network and Information Security Directive

By Theodoros Karathanasis Copyright 2025
    280 Pages
    by Routledge

    Cybersecurity is set to be one of the dominant themes in EU governance in the coming years, and EU law has begun to adapt to the challenges presented by security with the adoption of the Network and Information Security Directive. This book explores the binding effects of the legal instruments, and analyses the impact of the constraining factors originating from NIS-related domestic policies across Finland, France, Greece, Ireland, Luxembourg and Poland upon the transposition of the NIS Directive.

    Combining insights from law and political science, the book offers a comparative empirical analysis of national policies and regulations regarding Network and Information Security, as well as the national legal framework deriving from the NIS directive’s transposition. The book argues that the more the Directives offer a regulatory leeway to EU Member States for the transposition of their content, the more the preservation of national interests by EU Member States affects the uniform application of directives across the EU. Highlighting the need to go beyond the study of the legal compliance of European directives, the volume offers a new perspective on the interests of member states and European law, bridging the gap between the politics and law of European integration.

    It will be of interest to students, academics and practitioners with an interest in EU Law and cybersecurity.


    1. Introduction

    2. The Cybersecurity Rulemaking of the EU:  Moving from Soft Law to Hard Law

    3. The NIS Directive: A Hard Instrument with a Soft Dimension

    4. Framing the Assessment of the Effectiveness of the Transposition of the NIS Directive

    5. Case Studies Comparative Analysis I, Transposing the NIS Directive

    6. Case Studies Comparative Analysis II, the Impact of Domestic Factors

    7. Conclusion



    Theodoros Karathanasis is a Research Fellow at the Chair Legal and Regulatory Implications of Artificial Intelligence (MIAI - UGA, Grenoble) and attached to the Centre for International Security and European Cooperation Studies (CESICE). He holds a PhD on European law from the University of Grenoble Alpes (UGA). He is a member of the cyber experts’ network of the European Centre of Excellence for Combating Hybrid Threats (HybridCoE), as well as of the EU CyberNet.