EU Member States Should Incorporate NIS Directive Provisions into their National Strategy

A national cybersecurity strategy should include a risk assessment plan, preparedness, response and recovery measures, an indication of awareness-raising/training programmes and research and development plans, designation of one or more national competent authorities and CSIRTs, development of security requirements for operators of essential services, establishment of incident notification, and rules for effective, proportionate and dissuasive penalties.

The European Union Agency for Network and Information Security (“ENISA”) has issued a good practice guide for the design and implementation of national cybersecurity strategies (“NCSS”) by EU Member States.

ENISA – NCSS Good Practice Guide – Designing and Implementing National Cyber Security Strategies
