The Package You Saw in January Has Already Changed Twice
Two signals from Brussels — one regulatory, one political — are reshaping the EU cybersecurity and AI framework before formal adoption. Here is what CISOs need to update now.
By Angelos Varthalitis, CISSM | CISO, KidsKonnect (Ovivio NL) | Founder, AVSec Advisory | DBA Researcher — AI Governance & Cyber Risk
On 20 January 2026, the European Commission published its cybersecurity package: targeted amendments to the NIS2 Directive, a revised Cybersecurity Act (CSA2), and a broader Digital Omnibus that touched the AI Act, GDPR, ePrivacy, and the Data Act. The framing was clear: simplification, harmonisation, certification-based compliance.
Four months later, that package no longer exists in the form it was proposed.
Two distinct forces have already started reshaping it. The first is regulatory: on 18 March 2026, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) adopted Joint Opinion 4/2026, formally requested by the Commission, with specific recommendations that will likely affect the final text [1]. The second is political: in the early hours of 7 May 2026, after a nine-hour trilogue under the Cypriot Presidency, the European Parliament and the Council reached a provisional agreement on the Digital Omnibus on AI [5]. The new application dates for high-risk AI systems are now the operative planning baseline.
Neither development is a footnote. Together, they tell CISOs that the cybersecurity and AI compliance baseline they were planning against in January is no longer current — and that the convergence of these regulatory tracks is being shaped right now by actors other than the Commission.
This article unpacks both developments, explains what is likely to survive in the final text and what is not, and lays out what CISOs should be doing about it.
Signal One: The EDPB/EDPS Joint Opinion 4/2026
On 21 January 2026, one day after the cybersecurity package was published, the Commission formally consulted the EDPB and the EDPS under Article 42(2) of Regulation (EU) 2018/1725. Their Joint Opinion 4/2026, adopted on 18 March, is a substantive document that does three things: it endorses the package’s overall direction, identifies specific provisions where data protection considerations require amendment, and signals where data protection authorities will assert influence during the trilogue [1].
For CISOs reading the Opinion as a forward indicator of the final text, four points stand out.
The “double-sided” framing matters. The Opinion opens with a principle that recurs across more than sixty paragraphs: cybersecurity serves the protection of personal data by limiting the risks of unwanted access, modification, or unavailability — but some cybersecurity measures can themselves interfere with privacy and data protection [1]. The implication: necessity and proportionality, not effectiveness alone, will be the standard applied to ENISA’s expanded role, to certification schemes, and to any future implementing acts. This is a governance frame CISOs should adopt internally — particularly for AI-assisted security tooling that itself processes personal data.
Single-entry point for personal data breach notification: now politically reinforced. The EDPB and the EDPS strongly support the establishment of a single-entry point for the notification of personal data breaches, framing it as a measure that reduces administrative burden without affecting the level of protection for data subjects [1]. Combined with the parallel position taken in Joint Opinion 2/2026 on the broader Digital Omnibus [9], this is the clearest signal yet that incident reporting consolidation across NIS2, GDPR, DORA, and the CER Directive will survive the legislative process — even if precise mechanics remain under negotiation. For CISOs, the planning implication is that incident response playbooks should already be designed around a single reporting channel for cross-regime incidents by 2027–2028.
ENISA’s expanded role comes with conditions. The Opinion welcomes the strengthening of ENISA but pushes back on three specific design elements. First, it recommends that the EDPS — not only the EDPB — be entitled to request ENISA advice on cybersecurity aspects of EU data protection law (Article 5(1)(h) CSA2). Second, it argues that any ENISA Management Board decisions on additional personal data processing measures (Article 66(2) CSA2) should require prior consultation with the EDPS. Third, it recommends that ENISA consult the EDPB before adopting any cybersecurity certification scheme that intersects with GDPR certification (Article 80(1)(w) CSA2) [1]. These are procedural rather than substantive changes, but they reshape the governance architecture of cybersecurity certification — every scheme will carry a data protection consultation step.
The European Cybersecurity Skills Framework gets pushed beyond professionals. Article 19 of the CSA2 Proposal would limit the European Cybersecurity Skills Framework (ECSF) to cybersecurity professionals. The Opinion pushes hard against this, recommending the inclusion of a “Cybersecurity for generalists” profile covering the minimum skills every working-age EU resident should possess to interact safely with the digital single market — particularly against AI-assisted phishing, deepfakes, impersonation, and social engineering. The Opinion further recommends that the professional profiles integrate a module on data protection by design and by default [1]. For CISOs running security awareness programmes, this signals an incoming EU-recognised competency framework that will include both professional and general workforce profiles — and that will explicitly cover AI-augmented threats.
What the Opinion does not push back on is equally informative. It welcomes the designation of European Digital Identity Wallet and European Business Wallet providers as essential entities. It supports the anti-ransomware objectives of the NIS2 amendments. It endorses the trusted ICT supply chain framework [1]. Those elements are likely to survive the trilogue intact.
The net signal: the January package will become law with strengthened data protection guardrails, deeper interlock between cybersecurity and GDPR certification, and procedural roles for the EDPB and the EDPS in ENISA’s expanded mandate. Plan accordingly.
Signal Two: The Digital Omnibus on AI Provisional Agreement
In the early hours of 7 May 2026, after a nine-hour trilogue session, the Council and the European Parliament reached a provisional political agreement on the Digital Omnibus on AI [5][6]. The text now requires formal endorsement and legal-linguistic revision, with publication in the Official Journal expected before 2 August 2026 — the date the original high-risk obligations would otherwise apply.
For most CISOs, the agreement immediately changes the AI compliance planning baseline. Five elements deserve close attention.
Application dates for high-risk AI systems are postponed. For Annex III stand-alone high-risk AI systems — covering biometrics, employment, education, credit, law enforcement, justice, migration, critical infrastructure, and essential services — application is deferred by sixteen months, from 2 August 2026 to 2 December 2027. For Annex I systems (AI embedded in products covered by EU sectoral product safety legislation), application is deferred by twelve months, from 2 August 2027 to 2 August 2028 [6][8]. The Commission’s original conditional mechanism, under which application would have been triggered by a Commission decision on standards readiness, has been dropped in favour of fixed dates. The political logic was straightforward: the technical standards and harmonised guidance required for compliance are not yet ready, and businesses cannot be held to standards that do not yet exist.
For CISOs, the 2 December 2027 date is now the operative compliance baseline for the majority of in-scope high-risk AI systems. This is meaningful runway — but it is not a licence to defer. Existing readiness work (classification scoping, governance frameworks, technical documentation) should continue and indeed accelerate, because the postponement is calibrated to the time required to actually implement controls — not to permit further delay in starting.
A new Article 5 prohibition: AI systems generating non-consensual intimate imagery and CSAM. The agreement inserts a new prohibited practice covering AI systems whose primary purpose is to generate child sexual abuse material or non-consensual sexual or intimate content (the so-called “nudifier” prohibition). It applies from 2 December 2026. The drafting reaches beyond purpose-built tools to systems whose functionality renders such misuse reasonably foreseeable — a standard of foreseeability rather than intent [6][7]. In practical terms, providers and deployers of generative image, video and audio systems will need to evidence design-stage and deployment-stage controls, including content filtering, prompt-level safeguards, fine-tuning constraints, and incident response procedures. For CISOs governing internal generative AI use, this is now a board-level reputational and legal exposure question.
Watermarking grace period: compressed, not extended. Article 50(2), which requires providers of generative AI systems to mark synthetic audio, image, video, or text content in a machine-readable format, retains its 2 August 2026 application date. The agreement introduces a transitional period for providers with systems already on the market before that date — but the period was compressed from the Commission’s proposed six months to three. The effective compliance date for existing generative AI is 2 December 2026. New systems placed on the market or put into service from 2 August 2026 onwards must comply from the date of placement [6]. For CISOs at organisations operating generative AI internally or externally, 2 December 2026 should be read as a hard engineering deadline.
Reinstated obligations. Two obligations that the Commission’s original proposal had relaxed have been restored. First, providers must register high-risk AI systems in the EU database even where they have concluded the system is exempt from high-risk classification. Second, the strict necessity standard for processing special categories of personal data for bias detection and correction is preserved [7][8]. Both reinstatements reflect a Parliament priority that constrained the simplification narrative.
SME privileges extended to small mid-caps. The regulatory privileges available to small and medium-sized enterprises under Article 99 of the AI Act are extended to small mid-cap enterprises (SMCs) — a new category created across multiple Omnibus tracks [6][8]. This mirrors the small mid-cap category introduced in the NIS2 amendments, and signals a coherent EU policy shift toward proportionate regulation for growing companies.
The wider AI Act architecture is intact. GPAI obligations under Articles 50 to 55, in force since 2 August 2025, are not amended. Article 4 AI literacy obligations continue. Governance provisions remain. The deal is recalibration, not relaxation.
Where the Two Signals Converge
These developments are easy to read in isolation. The harder and more useful reading is together. Two observations.
The Brussels machine is moving — but not in one direction. The EDPB and the EDPS are adding obligations and procedural safeguards to the cybersecurity package. The Council and the Parliament are postponing application dates for AI compliance. The first tightens. The second loosens. For CISOs running converged cyber-and-AI governance programmes, the operational implication is that planning baselines need to be updated against two different vectors simultaneously. The 2027–2028 horizon for AI compliance has more runway than the January proposal suggested. The cybersecurity package is on track to become law with more rather than fewer governance hooks than the Commission originally envisaged.
The single-entry point for incident reporting is now the most reliable forward indicator. Both signals — the EDPB/EDPS Opinion and the broader Digital Omnibus track — explicitly back this consolidation. The remaining open question is mechanics and timing. For CISOs, that means incident response infrastructure built for a fragmented reporting landscape (separate NIS2, GDPR, DORA, CER channels) is being engineered for obsolescence. Investment now should be designed for a single-channel future, even if today’s transposed national rules still require parallel reporting.
What CISOs Should Do Now
The combined signal from these two developments points to five concrete actions.
Update your 2027 compliance roadmap to the new AI Act dates. The 2 December 2027 / 2 August 2028 timeline is the new planning baseline. Internal communication should reframe existing AI readiness work as being on the right trajectory rather than ahead of schedule. The risk is board complacency in response to a perceived delay.
Treat 2 December 2026 as a hard engineering deadline for generative AI. Watermarking under Article 50(2) and the new Article 5 prohibition both bite from this date. Foreseeability-of-misuse standards require design-stage and deployment-stage controls evidenced in documentation, not just in policy. Bring AI governance, legal, and security teams together on this milestone now.
Map your data breach reporting against a single-channel future. Design incident response playbooks for a single-entry reporting model even while operating under current parallel obligations. The legislative direction is settled; only the timeline remains uncertain, and the architectural decision does not depend on it.
Anticipate stronger EDPB/EDPS roles in cybersecurity certification. If your organisation is planning to rely on the future European cybersecurity certification schemes as a compliance pathway under NIS2, expect those schemes to carry explicit data protection consultation steps and to be calibrated against GDPR security controls. This is good news — it lowers the cost of demonstrating GDPR compliance through a cybersecurity certification — but it means the certification process will not be purely technical.
Refresh board communication. Both signals are board-relevant. The AI Act dates change the urgency framing of AI governance investment. The EDPB/EDPS Opinion changes the governance architecture of certification. A short briefing note that translates these developments into your organisation’s planning baseline avoids the perception — common among non-technical board members — that “Brussels is loosening the rules.”
The Reshape Is the Story
The January 2026 package was not a finished product. It was a Commission proposal that has now passed through two of the three institutional filters that will determine its final form — regulatory consultation and political compromise. Trilogue on the NIS2/CSA2 amendments will follow, with political agreement targeted for early 2027 and full operational impact extending into 2028 and beyond.
For CISOs, the lesson is governance more than it is regulation. The organisations that will struggle are those that read the Commission’s January text as a stable target. The organisations that will benefit are those that have built compliance architecture able to absorb ongoing legislative evolution without losing momentum — those that treat regulatory shaping as a continuous input rather than a one-off event.
The package is changing. The timeline is moving. The architecture is being reshaped before it is enacted. None of this is reason to pause. All of it is reason to plan against the direction of travel, not the original proposal.
References
White & Case — EU agrees Digital Omnibus deal to simplify AI rules, May 2026
Bird & Bird — Digital Omnibus on AI: Provisional Agreement Reached at the May Trilogue, May 2026
Hogan Lovells — EU legislators agree to delay for high-risk AI rules, May 2026
Lexology — EU Digital Omnibus Deal: Simplification of AI Act and Postponed Deadlines, May 2026