Knowledge

Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union The Directive on security of Network and Information Systems (‘NIS Directive’), is the first piece of EU-wide legislation on cybersecurity providing some…

By drawing up a National Security Plan (‘NSP’), a government indicates which objectives it wants to pursue in tackling problems that threaten their national security. This usually includes a list of the most important threat phenomena according to that government. Many NSPs cover issues such as terrorism, organised crime and cybersecurity. In…

Regulation 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/ECC Regulation (EU) 2017/746 of the European Parliament and if the Council of 5 April 2017 on…

Official page of the ISO/IEC 27000 family The ISO/IEC 27000 family is a set of international security standards that provide a blueprint for an Information Security Management System that can be applied in practice by an organisation. Information Security Management System The notion ‘Information Security Management System’ (‘ISMS’)…

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) The General Data Protection Regulation (‘GDPR’) regulates the main…

Regulation (EU) no. 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC eIDAS Regulation stands for ‘electronic identification and trust services’. The purpose of the eIDAS Regulation is to…

Regulation 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) General The Cybersecurity Act encompasses two important things: a reinforcement of the mandate, responsibilities, powers and resources of the European Agency for Cybersecurity (‘ENISA’) and the creation of…

General A Computer Security Incident Response Team (‘CSIRT’) is a group of IT professionals who will respond to security incidents when they occur. A CSIRT will provide services and support in the field of prevention, management and coordination of these possible cybersecurity related incidents. The Network and Information Security Directive…