Resources
Europe, Middle East, Africa

Europe - Critical Entities Resilience


The European Commission has adopted a list of essential services in the eleven sectors covered by the Critical Entities Resilience Directive (CER), which entered into force on 16 January 2023. Critical entities provide essential services in upholding key societal functions, supporting the economy, ensuring public health and safety, and preserving the environment. Member States will have to identify the critical entities for the sectors set out in the CER Directive by 17 July 2026. They will use this list of essential services to carry out risk assessments and to then identify the critical entities. Once identified, the critical entities will have to take measures to enhance their resilience.

EC press release Critical Sectors July 2023

EC Critical Entities Resilience Directive December 2022

rome, vatican, stairs-5195046.jpg

The NIS2 Directive

The Network and Information Security Directive (NIS2) Directive is the EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.:

EC - NIS2 Directive January 2023

piggy, bank, money-2889050.jpg

Digital Operational Resilience Act

The Digital Operational Resilience Act for the financial sector aims to strengthen financial sector’s operational resilience. It highlights incident reporting, resilience testing, information sharing, threat intelligence and third-party risk management.

EC - Digital Operational Resilience Act December 2022