[cabf_netsec] Article 18 of EU NIS 2 Directive

[Ben Wilson]

Hi all,

Just thought I would throw this in for when we copy annual risk assessment
from section 5 of the BRs into the NCSSRs.

Article 18: Cybersecurity risk management measures

1. Member States shall ensure that essential and important entities shall
take *appropriate and proportionate technical and organisational measures
to manage the risks posed to the security of network and information
systems which those entities use** in the provision of their services*.
Having regard to the state of the art, those measures shall ensure a level
of security of network and information systems appropriate to the risk
presented.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/netsec/attachments/20221028/9df7595a/attachment.html>