Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 Dece... (32022L2555)
INHALT
Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) (Text with EEA relevance)
- DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
- of 14 December 2022
- on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive)
- (Text with EEA relevance)
- CHAPTER I
- GENERAL PROVISIONS
- Article 1
- Subject matter
- Article 2
- Scope
- Article 3
- Essential and important entities
- Article 4
- Sector-specific Union legal acts
- Article 5
- Minimum harmonisation
- Article 6
- Definitions
- CHAPTER II
- COORDINATED CYBERSECURITY FRAMEWORKS
- Article 7
- National cybersecurity strategy
- Article 8
- Competent authorities and single points of contact
- Article 9
- National cyber crisis management frameworks
- Article 10
- Computer security incident response teams (CSIRTs)
- Article 11
- Requirements, technical capabilities and tasks of CSIRTs
- Article 12
- Coordinated vulnerability disclosure and a European vulnerability database
- Article 13
- Cooperation at national level
- CHAPTER III
- COOPERATION AT UNION AND INTERNATIONAL LEVEL
- Article 14
- Cooperation Group
- Article 15
- CSIRTs network
- Article 16
- European cyber crisis liaison organisation network (EU-CyCLONe)
- Article 17
- International cooperation
- Article 18
- Report on the state of cybersecurity in the Union
- Article 19
- Peer reviews
- CHAPTER IV
- CYBERSECURITY RISK-MANAGEMENT MEASURES AND REPORTING OBLIGATIONS
- Article 20
- Governance
- Article 21
- Cybersecurity risk-management measures
- Article 22
- Union level coordinated security risk assessments of critical supply chains
- Article 23
- Reporting obligations
- Article 24
- Use of European cybersecurity certification schemes
- Article 25
- Standardisation
- CHAPTER V
- JURISDICTION AND REGISTRATION
- Article 26
- Jurisdiction and territoriality
- Article 27
- Registry of entities
- Article 28
- Database of domain name registration data
- CHAPTER VI
- INFORMATION SHARING
- Article 29
- Cybersecurity information-sharing arrangements
- Article 30
- Voluntary notification of relevant information
- CHAPTER VII
- SUPERVISION AND ENFORCEMENT
- Article 31
- General aspects concerning supervision and enforcement
- Article 32
- Supervisory and enforcement measures in relation to essential entities
- Article 33
- Supervisory and enforcement measures in relation to important entities
- Article 34
- General conditions for imposing administrative fines on essential and important entities
- Article 35
- Infringements entailing a personal data breach
- Article 36
- Penalties
- Article 37
- Mutual assistance
- CHAPTER VIII
- DELEGATED AND IMPLEMENTING ACTS
- Article 38
- Exercise of the delegation
- Article 39
- Committee procedure
- CHAPTER IX
- FINAL PROVISIONS
- Article 40
- Review
- Article 41
- Transposition
- Article 42
- Amendment of Regulation (EU) No 910/2014
- Article 43
- Amendment of Directive (EU) 2018/1972
- Article 44
- Repeal
- Article 45
- Entry into force
- Article 46
- Addressees
- ANNEX I
- SECTORS OF HIGH CRITICALITY
- ANNEX II
- OTHER CRITICAL SECTORS
- ANNEX III
- CORRELATION TABLE
Feedback