cyber security regulation in de eu
cyber security regulation in de eu


EU considers datacenters as critical infrastructure

The European Commission is tackling cyber resilience through NIS2 legislation. Digital infrastructure such as Internet Exchange Point (IXP) providers, Domain Name System (DNS) service providers, Top Level Domain (TLD) registries, and cloud and datacenter providers would be considered “essential” entities.

Companies with an annual turnover of 10 million and/or 50 employees will soon be obliged to check their systems for vulnerabilities, perform risk analyses, improve their security and preferably make daily backups. With the new proposal, all medium and large companies in the relevant sectors should comply. In this way, Brussels hopes to curb the increasing cybercrime.

NIS2 requirements include measures such as risk analysis and security policy for information systems, incident handling, business continuity and crisis management. But also supply chain security and vulnerability disclosure. In addition, policies and procedures must be defined to assess the effectiveness of cybersecurity risk management (testing and auditing).

On top of that stricter surveillance measures will apply for the authorities of the EU countries. NIS2 also introduces harmonized sanctions across the Union. These include fines of up to €10 million or 2% of the total annual turnover.



Every industrial cybersecurity question demands a tailor-made answer and solution. Our focused team of professionals who understand your business are here to assist your company in securing your mission critical facilities to the highest level.


Stay informed about latest developments and upcoming activities in the field of Industrial cybersecurity.