Source: OJ L, 2024/2690, 18.10.2024
ENCybersecurity measures and significant incidents for relevant entities
Commission Implementing Regulation (EU) 2024/2690
of 17 October 2024
laying down rules for the application of Directive (EU) 2022/2555 as regards technical and methodological requirements of cybersecurity risk-management measures and further specification of the cases in which an incident is considered to be significant with regard to DNS service providers, TLD name registries, cloud computing service providers, data centre service providers, content delivery network providers, managed service providers, managed security service providers, providers of online market places, of online search engines and of social networking services platforms, and trust service providers
Table of contents
Preamble 1 – 43Recitals
- Articles
- Article 1Subject matter
- Article 2Technical and methodological requirements
- Article 3Significant incidents
- Article 4Recurring incidents
- Article 5Significant incidents with regard to DNS service providers
- Article 6Significant incidents with regard to TLD name registries
- Article 7Significant incidents with regard to cloud computing service providers
- Article 8Significant incidents with regard to data centre service providers
- Article 9Significant incidents with regard to content delivery network providers
- Article 10Significant incidents with regard to managed service providers and managed security service providers
- Article 11Significant incidents with regard to providers of online marketplaces
- Article 12Significant incidents with regard to providers of online search engines
- Article 13Significant incidents with regard to providers of social networking services platforms
- Article 14Significant incidents with regard to trust service providers
- Article 15Repeal
- Article 16Entry into force and application