About this initiative
COMMISSION IMPLEMENTING REGULATION (EU) …/... laying down rules for application of Directive (EU) 2016/1148 of the European Parliament and of the Council as regards further specification of the elements to be taken into account by digital service providers for managing the risks posed to the security of network and information systems and of the parameters for determining whether an incident has a substantial impact
Give your feedback
The Commission would like to hear your views.All feedback
Subscribe to receive notifications
VNO-NCW welcomes the possibility to comment on the draft Commission Implementing Regulation laying down rules that concern the security and notification obligations of digital service providers (DSPs). VNO-NCW supports the objectives of the NIS directive to ensure a high common level of network and information security across the EU. This is important to boost trust and to the smooth functioning of the internal market. The NIS directive makes...
Syntec Numérique (France)
Syntec Numérique est le syndicat professionnel français des entreprises de services du numérique, des éditeurs de logiciels et des sociétés de conseil en technologies. Il regroupe plus de 1 800 entreprises qui réalisent 80 % du chiffre d’affaires total du secteur (plus de 50Md€ de chiffre d’affaires, 427 000 employés dans le secteur). Syntec Numérique contribue à la promotion et à la croissance du numérique à travers le développement de l...
IBM (United Kingdom)
Duplicate reporting requirements when a Data Services Provider is providing services to an Operator of Essential Services - As currently described, a DSP outage which only impacts an OES will have to be reported by both the OES and the DSP. We believe this duplicate reporting is unnecessary and risks creating confusion. As a DSP, we cannot imagine a situation where we would not know that we are providing a service to an OES, either because...
Please see attached our feedback on the EC Draft Implementing Act for DSPs. Sincerely, Jan Neutze Director of Cybersecurity Policy EMEA Corporate External and Legal Affairs Microsoft
American Chamber of Commerce to the European Union (AmCham EU) (Belgium)
To avoid market fragmentation through nationally divergent standard compliance requirements, the implementing measure should explicitly reference ISO27001/27002, the NIST Cybersecurity Framework - which is rapidly becoming a global best practice - or similar, and internationally recognised frameworks which Digital Service Providers (DSPs) can certify against. To preserve the light-touch approach for DSPs and to avoid disproportionate...
GSMA (United Kingdom)
The attached contribution represents the views of the GSMA. The GSMA represents the interests of mobile operators worldwide, uniting nearly 800 operators with more than 250 companies in the broader mobile ecosystem, including handset and device makers, software companies, equipment providers and internet companies, as well as organisations in adjacent industry sectors. The GSMA also produces industry-leading events such as Mobile World...