In order to support organisations in their process of identifying appropriate security measures, based on the provisions of both NISD and GDPR, this report uses as basis the pre-existing ENISA guidance and presents a mapping of already identified security objectives, between the NISD and the GDPR.
The report should be used as a starting point for the above-mentioned assessment and is targeted mainly to OESs and DSPs. Following the analysis in Sections 2, 3 and 4, this report concludes that organisations could benefit from a unified risk management framework, specialized sectorial guidance and specialised guidance on emerging privacy and security techniques. It also proposes that a method of cooperation between competent NISD and GDPR authorities as well as a co-ordinated approach on certifications concerning information security issues would be beneficial for the Digital Single Market.
Located in
Publications