The Implementation Guidance on NIS2 Security Measures is now officially in feedback period. Following ECSO’s efforts in disseminating and engage our Membership in the policy process, we are now collecting feedback to ensure it is not only transmitted but heard by ENISA. For more information on how to deliver your feedback, contact Sebastijan Čutura, CISO Network and Related Policies Manager at ECSO.
The European Union Agency for Cybersecurity (ENISA) started an open consultation process asking for feedback on Implementation Guidance on NIS2 Security Measures. Aimed at critical entities in the digital services and infrastructure sector, ENISA develops this technical guidance to provide:
- Additional advice and tips on what to consider when implementing a requirement and further explanation about concepts and terms used in the legal text.
- Examples of evidence, which could be used to assess if a requirement has been met.
- Tables, mapping the security requirements in the Implementing Regulation to European and international standards, as well as national frameworks.
This technical guidance of ENISA complements the NIS2 Implementing Act of the European Commission, laying down details on cybersecurity risk management measures as well as the cases in which an incident should be considered significant.
Earlier this year, the European Cyber Security Organisation (ECSO) collected feedback on the NIS2 Implementing Act, which was submitted collectively to the European Commission. Now, ECSO is following the same steps to react together by submitting official feedback.
To submit your input, contact Sebastijan Čutura, ECSO Senior Manager, Industry Cybersecurity) in order to receive the feedback form.
Deadline for submissions is 2 January 2025, EoB.
About the ECSO Cyber Threat Management Working Group
The ECSO Cyber Threat Management Working Group provides support to organisations in tackling cyber threats by collaborating with industry leaders in strategically important areas, such as the CTI and implementation of the EU cybersecurity policies. Together we aim to build a trusted environment for practitioners and end-users in cybersecurity where you can share information, lessons learned, and best practices to increase cyber resilience of European companies and organisations.
Sebastijan Čutura
Senior Manager, Industry Cybersecurity
sebastijan.cutura[at]ecs-org.eu
Tomasz Michałowski
Junior Manager for European Cyber Security Community
tomasz.michalowski[at]ecs-org.eu
