Source: OJ L 333, 27.12.2022, p. 80–152
ENRecital 49 Cyber hygiene policies
Cyber hygiene policies provide the foundations for protecting network and information system means: an electronic communications network as defined in Article 2, point (1), of Directive (EU) 2018/1972; any device or group of interconnected or related devices, one or more of which, pursuant to a programme, carry out automatic processing of digital data; or digital data stored, processed, retrieved or transmitted by elements covered under points (a) and (b) for the purposes of their operation, use, protection and maintenance; infrastructures, hardware means a physical electronic information system, or parts thereof capable of processing, storing or transmitting digital data;, software means the part of an electronic information system which consists of computer code; and online application security, and business or end-user data upon which entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; rely. Cyber hygiene policies comprising a common baseline set of practices, including software means the part of an electronic information system which consists of computer code; and hardware means a physical electronic information system, or parts thereof capable of processing, storing or transmitting digital data; updates, password changes, the management of new installs, the limitation of administrator-level access accounts, and the backing-up of data, enable a proactive framework of preparedness and overall safety and security in the event of incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; or cyber threats means a cyber threat as defined in Article 2, point (8), of Regulation (EU) 2019/881;. ENISA should monitor and analyse Member States’ cyber hygiene policies.