Enhances digital operational resilience in the EU financial sector, setting requirements for risk management, incident reporting, testing, and third-party risk management for financial entities.
Cybersecurity Fundamentals
Access a wealth of resources including articles, whitepapers, tools, and guides to support your learning.
- Cybersecurity Ethics and Laws
Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation)
- Author: European Parliament and the Council of the European Union
Establishes a framework for secure and reliable electronic transactions in the EU by enabling electronic identification and trust services (e.g., electronic signatures, seals, timestamps).
- Cybersecurity Ethics and Laws
General Data Protection Regulation (GDPR)
- Author: European Parliament and the Council of the European Union
The GDPR is a comprehensive regulation that sets out rules for the processing of personal data of individuals within the European Union (EU). It aims to protect individuals’ fundamental right to privacy and data protection.
- Cybersecurity Ethics and Laws
NIS2 Directive
- Author: European Parliament and the Council of the European Union
The NIS2 Directive is a comprehensive EU-wide legislation that enhances cybersecurity measures across the Union. Enacted in 2023, it updates the original rules from 2016 to address the complexities of increased digitization and evolving cyber threats. The directive broadens the scope to include new sectors and entities, improving the resilience and incident response capabilities of both public and private sectors. It mandates that Member States enhance their preparedness through resources like Computer Security Incident Response Teams (CSIRTs) and national authorities. The NIS2 Directive also fosters a cooperative environment among EU countries through a Cooperation Group and promotes a security-focused culture in critical sectors reliant on ICTs, requiring essential service operators and key digital service providers to implement robust security measures and report serious incidents.
- Cybersecurity Ethics and Laws
The EU Cybersecurity Act
- Author: European Parliament and the Council of the European Union
The EU Cybersecurity Act enhances cybersecurity across the European Union by strengthening the European Union Agency for Cybersecurity (ENISA) and introducing an EU-wide certification framework for ICT products, services, and processes. This framework allows companies to obtain certification once for their ICT offerings, with recognition across all EU member states, simplifying compliance and enhancing security standards.
- Cybersecurity Ethics and Laws
The Cyber Resilience Act
- Author: European Parliament and the Council of the European Union
The Cyber Resilience Act is a proposed EU regulation aimed at strengthening cybersecurity requirements for products with digital elements. It addresses critical gaps in the current legal framework, particularly the absence of specific cybersecurity measures for non-embedded software. The Act focuses on reducing vulnerabilities from the design phase through the entire lifecycle of hardware and software products. Its goals are to enhance product security, ensure consistent cybersecurity frameworks for producers, improve transparency about product security features, and empower consumers and businesses to use digital products securely. This legislation seeks to mitigate the substantial societal and economic impacts of cyberattacks by establishing stricter cybersecurity standards across the EU.