EU Regulators Seek to Extend Cybersecurity Rules to More Industries New bill designates cloud providers and data center operators as critical infrastructure The proposed rules elevate cybersecurity to the board level, said Thierry Breton, EU commissioner for internal market, shown in November. Photo: pool/Reuters By Dec. 17, 2020 5:30 am ET | WSJ Pro European regulators want to designate cloud computing providers, data center operators and other sectors as critical infrastructure, requiring them to comply with mandated cybersecurity rules for the first time. The draft EU legislation, known as the directive on network and information systems, also strengthens security rules for all of the bloc’s seven previously designated critical infrastructure sectors, such as health care and financial services. Companies would need to implement measures to protect data and inform authorities quickly if they are hacked. The law would go into effect after negotiations with EU national governments and lawmakers, which can take months.