Poland is one of the 24 member states that have not yet implemented the so-called policy. The NIS2 directive aims to improve the level of cybersecurity in the EU. The implementation deadline was October 17th. Entities operating in critical sectors such as public electronic communications services, ICT service management, digital services, wastewater and waste management, space, healthcare, energy, transport, manufacturing of critical products, postal and courier services, government public services, etc. Contains.
The European Commission will initiate the procedure. Poland is one of the 24 countries
The EC initiated the process on Thursday by sending a formal notification to 24 governments. The government needs to respond within two months. If the EC is not satisfied, it will submit a so-called reasoned opinion and the next step will be to refer the case to the Court of Justice of the European Union.
The Ministry of Digitalization is responsible for implementing these regulations and is responsible for preparing the National Cybersecurity Systems Law Amendment Bill of 2018. The project proposed by the Ministry of Digitalization provides a procedure for certifying hardware or software suppliers. So-called high-risk suppliers. This is to prevent your data from being shared with other countries. However, the plan has sparked opposition from small and medium-sized carriers who fear they will be stripped of access to equipment.
See also: Patriot missiles again in Poland. There is a statement from the German Ministry of Defense
In their opinion, the amendments proposed by the ministry are not based on technical criteria that would deem certain equipment not to meet safety standards. However, since we are talking about non-EU or NATO countries here and actually mean Chinese suppliers, the supplier's country of origin criterion is introduced.
They are against the new EU directive. “The key to incident response”
Meanwhile, the EC considers that the full implementation of the provisions of the NIS2 Directive is key to further improving the resilience and ability to respond to incidents involving public and private organizations operating in these key sectors and across the EU. I am.
Poland also did not implement the CER Directive on Resilience of Critical Institutions in time. The deadline was also October 17th. This directive shifts the focus from protecting critical infrastructure to increasing the resiliency of the organizations that operate this infrastructure. It also expands the scope of regulated sectors from 2 to 11 by strengthening the resilience of critical infrastructure and critical entities against threats such as natural disasters (these include energy, transportation, health, water, banking, and digital infrastructure). Terrorist attack or sabotage.
The directive is also not implemented in 24 countries. You also have two months to respond.
Your browser does not support video players… Read more
Source link
