• The European Commission has proposed strengthening the resilience of critical infrastructure
• Framework covers ten sectors
• An expert group, would facilitate regular cross-border cooperation in the directive’s implementation

The European Commission has  proposed strengthening the resilience of critical infrastructure in the EU.

According to the Commission, immediate action is required to strengthen the EU’s capacity to defend itself against attacks on critical infrastructure. Critical entities in Europe are more interconnected and interdependent, making them stronger and more efficient, but also more vulnerable in the event of an incident.

Russia’s aggression against Ukraine has introduced new risks, including physical and cyber-attacks, which are frequently combined as a hybrid threat. The sabotage of the Nord Stream gas pipelines is one of the recent case, that highlights that  EU’s critical infrastructure needs to be protected from threats.

The Directive on Critical Entities covers ten sectors: transportation, banking, market infrastructures, health, financial drinking water, energy, waste water, public administration, digital infrastructure, and space.

Member states will be required to conduct a national risk assessment and identify critical entities based on the results. Critical entities would be required to conduct their own risk assessments, implement appropriate technical and organisational measures to increase resilience, and report disruptive incidents to national authorities.

The Critical Entities Resilience Group, an expert group, would facilitate regular cross-border cooperation in the directive’s implementation.

The revised Directive on the security of network and information systems (NIS2 Directive) addresses Europe’s vulnerability to cyber threats. It includes medium and large entities from critical sectors of the economy and society, such as providers of public electronic communications services, digital services, and other critical services.

Galactik Views