Beta

Source: OJ L 333, 27.12.2022, p. 80–152

EN

Recital 30 The CER directive

In view of the interlinkages between cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; and the physical security of entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;, a coherent approach should be ensured between Directive (EU) 2022/2557 of the European Parliament and of the Council(13)Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC (see page 164 of this Official Journal). and this Directive. To achieve this, entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; identified as critical entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; under Directive (EU) 2022/2557 should be considered to be essential entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; under this Directive. Moreover, each Member State should ensure that its national cybersecurity strategy means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881;provides for a policy framework for enhanced coordination within that Member State between its competent authoritiesas defined in Article 46 under this Directive and those under Directive (EU) 2022/2557 in the context of information sharing about risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident;, cyber threats means a cyber threat as defined in Article 2, point (8), of Regulation (EU) 2019/881;, and incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; as well as on non-cyber risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident;, threats and incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555;, and the exercise of supervisory tasks. The competent authoritiesas defined in Article 46 under this Directive and those under Directive (EU) 2022/2557 should cooperate and exchange information without undue delay, in particular in relation to the identification of critical entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;, risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident;, cyber threats means a cyber threat as defined in Article 2, point (8), of Regulation (EU) 2019/881;, and incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; as well as in relation to non-cyber risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident;, threats and incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; affecting critical entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;, including the cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; and physical measures taken by critical entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; as well as the results of supervisory activities carried out with regard to such entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod