Download This PaperThe New EU Cybersecurity Framework: The NIS Directive, ENISA’s Role and the General Data Protection Regulation
Computer Law & Security Review, Volume 35, Issue 6, November 2019, 105336
11 Pages Posted: 31 Mar 2021
Date Written: November 1, 2019
Abstract
The NIS Directive is the first horizontal legislation undertaken at EU level for the protection of network and information systems across the Union. During the last decades e-services, new technologies, information systems and networks have become embedded in our daily lives. It is by now common knowledge that deliberate incidents causing disruption of IT services and critical infrastructures constitute a serious threat to their operation and consequently to the functioning of the Internal Market and the Union. This paper first discusses the Directive's addressees particularly with regard to their compliance obligations as well as Member States’ obligations as regards their respective national strategies and cooperation at EU level. Subsequently, the critical role of ENISA in implementing the Directive, as reinforced by the proposal for a new Regulation on ENISA (the EU Cybersecurity Act), is brought forward, before elaborating upon the, inevitable, relationship of the NIS Directive with EU's General Data Protection Regulation.
Keywords: EU data protection, Cybersecurity, NIS Directive, ENISA
Suggested Citation: Suggested Citation
Vagelis Papakonstantinou (Contact Author)
Faculty of Law and Criminology, Vrije Universiteit Brussel ( email )
Pleinlaan 2
Brussels, 1050
Belgium
HOME PAGE: http://vpapakonstantinou.com