Cybersecurity

EDPS Formal comments on the draft Commission Implementing Regulation laying down rules for the application of Directive (EU) 2022/2555 as regards technical and methodological requirements of cybersecurity risk-management measures and further specification of the cases in which an incident is considered to be significant with regard to DNS service providers, TLD name registries, cloud computing service providers, data centre service providers, content delivery network providers, managed service providers, managed security service providers, providers of online market places, of online search engines and of social networking services platforms, and trust service providers

EDPS Formal comments on the draft Commission Implementing Regulation on laying down implementing technical standards for the application of Regulation (EU) 2022/2554 with regard to the standard forms, templates and procedures for financial entities to report a major ICT-related incident and to notify a significant cyber threat.

EDPS Formal comments on the draft Commission Delegated Regulation on supplementing Regulation (EU) 2022/2554 with regard to regulatory technical standards specifying the content of the reports and notifications for major ICT-related incidents and significant cyber threats and the time limits for reporting of these incidents.

EDPS Formal comments on the draft Commission Delegated Regulation supplementing Regulation (EU) 2019/943 of the European Parliament and of the Council by establishing a network code on sector-specific rules for cybersecurity aspects of cross-border electricity flows.