Article
The new EU cybersecurity framework: The NIS Directive, ENISA’s role and the General Data Protection Regulation
Computer Law & Security Review
(2019)
Abstract
The NIS Directive is the first horizontal legislation undertaken at EU level for the protection of network and information systems across the Union. During the last decades e-services, new technologies, information systems and networks have become embedded in our daily lives. It is by now common knowledge that deliberate incidents causing disruption of IT services and critical infrastructures constitute a serious threat to their operation and consequently to the functioning of the Internal Market and the Union. This paper first discusses the Directive's addressees particularly with regard to their compliance obligations as well as Member States’ obligations as regards their respective national strategies and cooperation at EU level. Subsequently, the critical role of ENISA in implementing the Directive, as reinforced by the proposal for a new Regulation on ENISA (the EU Cybersecurity Act), is brought forward, before elaborating upon the, inevitable, relationship of the NIS Directive with EU's General Data Protection Regulation.
Keywords
- EU data protectionCybersecurityNIS DirectiveENISA
Disciplines
Publication Date
November, 2019
DOI
https://doi.org/10.1016/j.clsr.2019.06.007
Citation Information
Vagelis Papakonstantinou, Markopoulou Dimitra and Paul De Hert. "The new EU cybersecurity framework: The NIS Directive, ENISA’s role and the General Data Protection Regulation" Computer Law & Security Review Vol. 35 Iss. 6 (2019) Available at: http://works.bepress.com/vagelis-papakonstantinou/39/