LEGAL ANALYSIS
Botón de compartir en Linkedin
Download pdf:
Publication of the cyber security directive: requirements for operators of critical infrastructures and essential services

Publication of the cyber security directive: requirements for operators of critical infrastructures and essential services

04/10/2016 - Author: Isabela Crespo Vitorique, José Miguel Lissén Arbeloa

Publication of the cyber security directive: requirements for operators of critical infrastructures  and essential servicesThe Directive on security of network and information systems across the Union, a cornerstone of the EU’s cyber security strategy, was published on 19 July 2016. This directive requires Member States to adopt a national security strategy and technical and organisational capabilities to prevent, detect and respond to network and information system incidents and risks. The companies and entities that operate critical infrastructures and essential services (energy, transportation, banking and financial markets, the health sector, water supply and digital infrastructure) are largely responsible for ensuring such security and must implement programmes to create a culture of risk management and measures to prevent and handle attacks when they occur.


Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union, also known as the directive on security of network and information systems (the NIS Directive) was published in the Official Journal of the European Union on 19 July 2016 and came into force on 8 August 2016. Member States have until 9 May 2018 to transpose the directive into their national laws...

Download pdf:
Publication of the cyber security directive: requirements for operators of critical infrastructures and essential services