The European Union Agency for Cybersecurity (ENISA) announced Thursday that it is creating technical guidance to help EU Member States and entities implement the technical and methodological requirements of the NIS2 cybersecurity risk-management measures. The European Commission outlined these measures when it adopted the initial implementing rules on cybersecurity for critical entities and networks under the Directive for a high common level of cybersecurity across the Union last month.
ENISA develops this technical guidance to support relevant entities by implementing the new regulations’ technical and methodological requirements. The implementation guidance was developed by ENISA and the work stream on cybersecurity risk and vulnerability management of the NIS Cooperation Group (NIS CG), in collaboration with the NIS Cooperation Group work streams on digital service providers and digital infrastructures, as well as with the ENISA European Competent Authorities for Trust Services (ECATS) Expert Group and the European Competent Authorities for Secure Electronic Communications (ECASEC). It is the result of consultations from June to mid-October 2024.
The NIS2…