News Item

ENISA contributes to the development of groundbreaking EU cybersecurity regulation on Digital Service Providers in the context of the NIS Directive

Published on February 02, 2018

© Copyright: Shutterstock

The European Commission has published the implementing regulation for the application of Directive (EU) 2016/1148 pursuant Art 16(8) of NIS Directive.

This initiative provisions further specification of the elements to be taken into account by Digital Service Providers (DSPs) for managing the risks posed to the security of network and information systems and of the parameters for determining whether an incident has a substantial impact.

The EU Cybersecurity ENISA closely supported the European Commission’s Network and Information Systems Security Comitology Committee responsible for developing the implementing act.

Our Agency conducted intensive research with the purpose of providing technical input for drafting this important initiative.

Two ENISA reports that laid the groundwork for the Comitology Committee’s work were published: one focusing on incident notification for DSPs, and one putting forward minimum security measures for DSPs.

ENISA carried out numerous interviews with industry representatives, in order to ensure a smooth transfer of knowledge and a proper understanding of DSPs’s technical and business specificities.

The DSPs incident notification requirements are part of the European Union’s first wide set of cybersecurity rules. This groundbreaking piece of legislation represents a major step towards achieving a common level of cybersecurity across the Union.

DSPs are the owners or administrators of the underlying systems currently called either Internet or Digital Society.

Alongside telecom providers, DSPs make the digital infrastructure available to operators of essential services. It is therefore reasonable to believe that they play an important role in assuring the cybersecurity of our digital market, ergo they will be the first ones required to adopt measures. Recitals 35 and 44 of the NIS Directive provide valuable insights in this respect.


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information