NIS2 Directive
Table of Contents
Chapter I – GENERAL PROVISIONS
Chapter II – COORDINATED CYBERSECURITY FRAMEWORKS
Chapter III – COOPERATION AT UNION AND INTERNATIONAL LEVEL
Chapter IV – CYBERSECURITY RISK-MANAGEMENT MEASURES AND REPORTING OBLIGATIONS
Chapter V – JURISDICTION AND REGISTRATION
Chapter VI – INFORMATION SHARING
Chapter VII – SUPERVISION AND ENFORCEMENT
Chapter VIII – DELEGATED AND IMPLEMENTING ACTS
Chapter IX – FINAL PROVISIONS
Recitals (144)
Annexes
Recital 92
(92) In order to streamline the obligations imposed on providers of public electronic communications networks or of publicly available electronic communications services, and trust service providers, related to the security of their network and information systems, as well as to enable those entities and the competent authorities under European Electronic Communications Code (EECC) of the European Parliament and of the Council and eIDAS Regulation (Electronic Identification) respectively to benefit from the legal framework established by this Directive, including the designation of a CSIRT responsible for incident handling, the participation of the competent authorities concerned in the activities of the Cooperation Group and the CSIRTs network, those entities should fall within the scope of this Directive. The corresponding provisions laid down in eIDAS Regulation (Electronic Identification) and European Electronic Communications Code (EECC) related to the imposition of security and notification requirements on those types of entity should therefore be deleted. The rules on reporting obligations laid down in this Directive should be without prejudice to General Data Protection Regulation (GDPR) and ePrivacy Directive (Electronic Communications).