Critical Sectors

ENISA is supporting the EU Member States since 2012 to develop, implement and evaluate their National Cyber Security Strategies (NCSS). Since 2017, all EU Member States have published their own NCSS.

Critical Sectors

The protection of critical sectors is an integral part of many cyber and information security strategies. Cybersecurity covers a broad spectrum of ICT-related security issues, of which the protection of critical sectors is an essential part. National strategies should include objectives and priorities related to the protection of critical sectors in particular those referred to Annexes I and II of the NIS2 Directive. In addition, as part of their national strategy, Member States shall also adopt specific policies, related to sustaining the general availability, integrity and confidentiality of the critical sectors including, the public core of the internet and where relevant, the cybersecurity of undersea communications cables.

Austria

Belgium

Bulgaria

Croatia

Cyprus

Czech Republic

Denmark

Estonia

Finland

France

Germany

Greece

Hungary

Iceland

Ireland

Italy

Latvia

Liechtenstein

Lithuania

Luxembourg

Malta

Netherlands

Norway

Poland

Portugal

Romania

Slovakia

Slovenia

Spain

Sweden

Switzerland

Malta

Malta transposed the NIS2 Directive into national legislation with Legal Notice 71 of 2025, known as the Measures for a High Common Level of Cybersecurity Across the European Union (Malta) Order (Subsidiary Legislation 460.41). https://legislation.mt/eli/sl/460.41/eng

Attachments:

S.L. 460.41.pdf

Related objective Protect Critical Sectors

Critical Sectors

Critical Sectors

Country related resources:

Subscribe