Europe agrees response to cyber-attacks
Technology firms and those running critical services will have to report cyber-breaches, under new rules proposed by MEPs.
The rules will also establish minimum standards of cyber security for banks, energy and water firms.
It is the first time Europe has created EU-wide rules on cyber security.
It comes in the wake of concerns that key infrastructure, such as airports or power stations, could be targeted by hackers.
The Network and Information Security directive is an attempt to deal with the emerging threat of cyber-attacks.
Currently there is no common approach in Europe to digital network breaches, whether they are the result of human error, technical failures or malicious attacks.
The European Agency for Network and Information Security (Enisa) estimates that such breaches result in annual losses in the range of €260bn to €340bn (£188bn to £246bn).
Under the new rules, member states would have to co-operate more on cyber security, exchanging information about breaches, offering best practice and assisting member states in securing their infrastructures.