Recital 39 Malicious access

Successful, suspectedly malicious and unauthorised access to a relevant entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;’s network and information systems means: an electronic communications network as defined in Article 2, point (1), of Directive (EU) 2018/1972; any device or group of interconnected or related devices, one or more of which, pursuant to a programme, carry out automatic processing of digital data; or digital data stored, processed, retrieved or transmitted by elements covered under points (a) and (b) for the purposes of their operation, use, protection and maintenance; should be regarded as a significant incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555;, where such access is capable of causing severe operational disruption. For instance, where a cyber threat means a cyber threat as defined in Article 2, point (8), of Regulation (EU) 2019/881; actor pre-positions itself in a relevant entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;’s network and information systems means: an electronic communications network as defined in Article 2, point (1), of Directive (EU) 2018/1972; any device or group of interconnected or related devices, one or more of which, pursuant to a programme, carry out automatic processing of digital data; or digital data stored, processed, retrieved or transmitted by elements covered under points (a) and (b) for the purposes of their operation, use, protection and maintenance; with a view to causing disruption of services in the future, the incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; should be considered to be significant.