Κυβερνοασφάλεια για ΜΜΕ

INFOTV

All organizations processing personal data. Authority: NAIH.

KIBERT2024

Essential and important entities. Authority: SZTFH / NBSZ-NKI.

Determina ACN 38565/2025

Soggetti essenziali e importanti registrati presso ACN. Authority: ACN - Agenzia per la Cybersicurezza Nazionale.

Instruction ACPR 2014-I-07

Etablissements de credit et d'assurance sous supervision ACPR. Authority: ACPR (Autorite de Controle Prudentiel et de Resolution).

Zakon c. 181/2014 Sb.

Operators of essential services, critical information infrastructure. Authority: NUKIB.

2013. evi L. torveny

Allami es onkormanyzati szervek, kozfeladatot ellato szervek. Authority: SZTFH (previously SZSZ / NISZ).

917/2014

Televiestintaverkkojen ja -palvelujen tarjoajat. Authority: Traficom.

AGID

Εθνικές υποχρεώσεις κυβερνοασφάλειας και συμμόρφωσης για οργανισμούς που εμπίπτουν στο πεδίο εφαρμογής αυτής της ρύθμισης.

Κανονισμός ΕΕ 2024/1689

Ρύθμιση συστημάτων τεχνητής νοημοσύνης στην ΕΕ με προσέγγιση βασισμένη στον κίνδυνο. Σταδιακή εφαρμογή: απαγορευμένες πρακτικές από 2 Φεβ. 2025, υποχρεώσεις GPAI από 2 Αυγ. 2025, συστήματα υψηλού κινδύνου από 2 Αυγ. 2026

ARNIS2

Detailed measures for NIS2 implementation. Authority: CCB.

ADAI

All organizations processing personal data. Authority: VDAI.

KAIT (BaFin Rundschreiben 11/2019)

Kapitalverwaltungsgesellschaften (KVG). Authority: BaFin.

Aviso BdP n. 1/2021

Instituicoes de credito e empresas de investimento. Authority: Banco de Portugal.

LB Nutarimas Nr. 03-18 (2020)

Kredito istaigas, draudimo imones, mokejimo istaigas. Authority: Lietuvos bankas (Bank of Lithuania).

Sklep BS (Ur. l. RS 73/2018)

Kreditne institucije in poddruznice tujih bank. Authority: Banka Slovenije.

Circular 2/2023 BdE

Entidades de credito y proveedores de servicios de pago. Authority: Banco de Espana.

BAIT

Banks and financial service providers. Authority: BaFin.

BANKITALIA285

Εθνικές υποχρεώσεις κυβερνοασφάλειας και συμμόρφωσης για οργανισμούς που εμπίπτουν στο πεδίο εφαρμογής αυτής της ρύθμισης.

BWG

Banks, credit institutions. Authority: FMA / OeNB.

BIO

All government entities (Rijksoverheid, municipalities, provinces, water boards). Authority: Ministerie van BZK.

Norma BNR nr. 4/2018

Institutii de credit si institutii financiare. Authority: Banca Nationala a Romaniei (BNR).

BSIG

Essential and important entities (~29,000 organizations across all NIS2 sectors). Authority: BSI.

BDSG

All organizations processing personal data in Germany. Authority: BfDI.

Circulaire CAA 20/10

Entreprises d'assurance et de reassurance. Authority: CAA (Commissariat aux Assurances).

CAD

Εθνικές υποχρεώσεις κυβερνοασφάλειας και συμμόρφωσης για οργανισμούς που εμπίπτουν στο πεδίο εφαρμογής αυτής της ρύθμισης.

CBICROSS

Financial services firms regulated by CBI. Authority: CBI.

CBIOPRES

Banks, insurance companies, investment firms. Authority: CBI.

CFCSBEKENDTGOERELSE

Critical sector operators (energy, transport, health, etc.). Authority: CFCS.

NN 56/2013

Operatori kljucnih infrastruktura. Authority: Ministarstvo unutarnjih poslova.

ZKI (Ur. l. RS 75/2017)

Operatorji kljucne infrastrukture. Authority: Ministrstvo za obrambo.

CSIRTKNF

Financial sector entities. Authority: KNF.

CSSFCIRC

Financial sector entities. Authority: CSSF.

CSG

Essential and important entities. Authority: Amt fuer Kommunikation.

CBW

~8,000 essential and important entities. Authority: NCSC-NL.

CYBERFUN

Voluntary/recommended framework for NIS2 compliance proof. Authority: CCB.

CYBERLAG

Essential and important entities in 18 sectors. Authority: MSB / PTS / Sector supervisors.

BEK nr. 1580 af 17/12/2019

Pengeinstitutter, forsikringsselskaber og vaerdipapirhandlere. Authority: Finanstilsynet.

DPACT

All organizations processing personal data. Authority: IDPC.

DPA2018

All organizations processing personal data. Authority: DPC.

DATABESKYTTELSESLOVEN

All organizations processing personal data. Authority: Datatilsynet.

DSG_LI

All organizations processing personal data. Authority: Datenschutzstelle.

DSG

All organizations processing personal data in Austria. Authority: DSB.

DL125

Essential and important entities, public administration. Authority: CNCS.

DL65

Operators of essential services. Authority: CNCS.

DNB Guidance 2019

Financiele instellingen onder toezicht van DNB. Authority: De Nederlandsche Bank (DNB).

Κανονισμός ΕΕ 2022/2554

Ψηφιακή λειτουργική ανθεκτικότητα για τον χρηματοπιστωτικό τομέα

EITS

Public sector and regulated entities. Authority: RIA.

Finantsinspektsiooni soovituslik juhend (2020)

Krediidiasutused, kindlustusseltsid, investeerimisettevotted. Authority: Finantsinspektsioon (EFSA).

Κανονισμός ΕΕ 910/2014 + Κανονισμός ΕΕ 2024/1183 (eIDAS 2.0)

Ψηφιακή ταυτότητα και πιστοποιημένες υπηρεσίες εμπιστοσύνης (ψηφιακή υπογραφή, πιστοποιημένο email, χρονοσφραγίδα)

EISI

State information resources. Authority: NKSC.

ENS

Public sector, public service providers, critical infrastructure. Authority: CCN / Ministerio de Asuntos Economicos.

FKTK normativie noteikumi 233 (2020)

Kreditiestades, apdrosinasanas sabiedribas, ieguldijumu uznemumi. Authority: FKTK (Finansu un kapitala tirgus komisija) / Latvijas Banka.

FFFS20145

Banks, securities companies, credit market companies. Authority: Finansinspektionen.

FINFSASTANDARDS

Banks, insurance companies, pension funds, investment firms. Authority: Finanssivalvonta.

FPDAL

All organizations processing personal data. Authority: DVI.

FMA-IT-SichV 2021

Kreditinstitute, Versicherungsunternehmen, Wertpapierfirmen. Authority: FMA (Finanzmarktaufsicht).

Κανονισμός ΕΕ 2016/679

Προστασία προσωπικών δεδομένων στην Ευρωπαϊκή Ένωση

Art. L.1110-4-1 Code de la sante publique

Tous les acteurs du secteur sante manipulant des donnees de sante. Authority: ANS / Ministere de la Sante.

Health Act 2004 (as amended), HSE Policy

Healthcare organisations in the public health system. Authority: HSE (Health Service Executive).

HDS

Organizations hosting health data. Authority: ANS / Ministere de la Sante.

IKT_FORSKRIFT

Banks, insurance, pension, securities firms. Authority: Finanstilsynet.

IBSG

Federal administration IT security. Authority: BKA.

IKSSEADUS

All organizations processing personal data. Authority: AKI.

ISO/IEC 27001:2022 - Διεθνές πρότυπο

Σύστημα Διαχείρισης Ασφάλειας Πληροφοριών (ΣΔΑΠ)

ITSIG2

KRITIS operators (energy, water, health, transport, finance, IT, telecoms, food, waste). Authority: BSI.

D.Lgs. 196/2003

Tutti i soggetti che trattano dati personali in Italia. Authority: Garante per la Protezione dei Dati Personali.

IVASS38

Εθνικές υποχρεώσεις κυβερνοασφάλειας και συμμόρφωσης για οργανισμούς που εμπίπτουν στο πεδίο εφαρμογής αυτής της ρύθμισης.

KSI

~2,000 cybersecurity entities in essential and important sectors. Authority: NKSC / KAM (Ministry of National Defence).

KNFREKOM

Banks, credit institutions. Authority: KNF.

KRITISV

Critical infrastructure operators above threshold values. Authority: BSI.

KYBSEADUS

Essential and important entities + research institutions. Authority: RIA / CERT-EE.

KYA1689

Critical and important entities. Authority: NCSA.

KYBERLAKI

Essential and important entities in 18 sectors. Authority: Traficom / Kyberturvallisuuskeskus + 6 sectoral supervisors.

PDLAG

All organizations processing personal data in Sweden. Authority: IMY.

JULKICTLAKI

Public administration entities. Authority: Digi- ja vaestotietovirasto.

LEGEA124

Essential and important entities. Authority: DNSC.

LEGEA190

All organizations processing personal data. Authority: ANSPDCP.

LEGEA362

Operators of essential services. Authority: CERT-RO.

D.Lgs. 138/2024

Soggetti essenziali e importanti nei 18 settori NIS2 (50+ dipendenti o 10M+ fatturato). Authority: ACN - Agenzia per la Cybersicurezza Nazionale.

LEI58

All organizations processing personal data. Authority: CNPD.

LPIC

Critical infrastructure operators (12 strategic sectors). Authority: CNPIC / Ministerio del Interior.

LCGC

Essential and important entities. Authority: Centro Nacional de Ciberseguridad.

LOPDGDD

All organizations processing personal data in Spain. Authority: AEPD.

NETORYGGI

Critical infrastructure operators. Authority: Fjarskiptastofa / CERT-IS.

PERSONUVERNDARLÖG

All organizations processing personal data. Authority: Personuvernd.

LPM

Operateurs d'Importance Vitale (OIV). Authority: ANSSI / SGDSN.

LPDP_LU

All organizations processing personal data. Authority: CNPD.

LSRI

Critical infrastructure operators. Authority: Centre de crise national.

LNIS2

Essential and important entities in 18 NIS2 sectors. Authority: CCB.

LPDP

All organizations processing personal data in Belgium. Authority: APD/GBA.

LOIINFORMATIQUE

All organizations processing personal data in France. Authority: CNIL.

LCEN

Digital economy operators, e-commerce, ISPs. Authority: Gouvernement.

LRICRC

Essential and important entities in 18 sectors. Authority: ANSSI.

DIGSIKHETSLOV

Essential service providers, digital infrastructure. Authority: NSM + sector regulators.

MDIA

Technology arrangements and innovative technology services. Authority: MDIA.

MFSA Banking Rule BR/22

Credit institutions, insurance undertakings, investment services licensees. Authority: MFSA (Malta Financial Services Authority).

MK397

Regulated entities under NKDL. Authority: National Cybersecurity Centre.

MNB Ajnlas 8/2020

Hitelintezetek, biztositok, penzugyi valalatok. Authority: Magyar Nemzeti Bank (MNB).

NKDL

Essential and important entities. Authority: National Cybersecurity Centre / CERT.LV.

NCSB

Essential and important entities. Authority: NCSC.

Circulaire NBB_2015_32

Etablissements de credit, entreprises d'assurance, institutions de paiement. Authority: Banque Nationale de Belgique (NBB/BNB).

Opatrenie NBS c. 3/2018

Banky, poistovne, investicne spolocnosti. Authority: Narodna banka Slovenska (NBS).

NIS2CY

Essential and important entities. Authority: DSA.

NISG2026

~4,000 essential and important entities. Authority: NIS Buero / BMI.

Οδηγία ΕΕ 2022/2555

Ασφάλεια δικτύων και πληροφοριακών συστημάτων για βασικές και σημαντικές οντότητες

NISDK

~6,000 essential and important entities. Authority: CFCS + Styrelsen for Samfundssikkerhed.

N4624

All organizations processing personal data. Authority: HDPA.

N5160

Essential and important entities. Authority: NCSA (Ethniki Archi Kybernoasfaleias).

Naredba za MMIS (prieta s PMS 186/2019)

Operators of essential services and digital service providers. Authority: State Agency for Cybersecurity.

OUG155

Essential and important entities. Authority: DNSC.

SFS 2008:355

Vardgivare som behandlar patientdata. Authority: Socialstyrelsen / IMY.

PCI-DSS v4.0 (σε ισχύ από 31 Μαρτίου 2024)

Πρότυπο ασφάλειας για οντότητες που διαχειρίζονται, επεξεργάζονται ή μεταδίδουν δεδομένα καρτών πληρωμής

PERSONOPPLYSNINGSLOVEN

All organizations processing personal data. Authority: Datatilsynet.

BoG Governor Act 2577/2006 (as amended)

Pistotika idrymata kai epicheiriseis ependyseon. Authority: Trapeza tis Ellados (Bank of Greece).

GDPRCY

All organizations processing personal data. Authority: Commissioner for Personal Data Protection.

PL8364

~6,000-8,000 essential and important entities. Authority: ILR (most sectors) / CSSF (financial).

PSNC

Εθνικές υποχρεώσεις κυβερνοασφάλειας και συμμόρφωσης για οργανισμούς που εμπίπτουν στο πεδίο εφαρμογής αυτής της ρύθμισης.

RDLOPD

All data controllers and processors. Authority: AEPD.

RJSE

Foundation cybersecurity law. Authority: CNCS.

Rozp. RM z dnia 12 kwietnia 2012 r.

Podmioty realizujace zadania publiczne. Authority: Ministerstwo Cyfryzacji.

SL46041

Essential and important entities. Authority: CIPD.

SAKERHETSSKYDDSLAGEN

Entities handling classified information, security-sensitive activities. Authority: Saekerhetspolisen (SAPO).

SECNUMCLOUD

Cloud service providers handling sensitive/government data. Authority: ANSSI.

SIKKHETSLOV

Entities handling classified info, critical infrastructure. Authority: NSM.

Lov nr. 169 af 3/3/2011 (som aendret)

Udbydere af elektroniske kommunikationsnet og -tjenester. Authority: Erhvervsstyrelsen.

TKG 2021 §§90-93

Anbieter oeffentlicher Kommunikationsnetze und -dienste. Authority: RTR-GmbH.

TKG 2021 §§165-169

Telekommunikationsanbieter und Betreiber oeffentlicher Telekommunikationsnetze. Authority: BNetzA / BSI.

TSL

All organizations processing personal data in Finland. Authority: Tietosuojavaltuutettu.

UAVG

All organizations processing personal data in Netherlands. Authority: Autoriteit Persoonsgegevens.

UOKBS

Detailed measures, audit requirements. Authority: SOA.

UKSC

Essential and important entities. Authority: Ministerstwo Cyfryzacji / CSIRT NASK / CSIRT GOV / CSIRT MON.

UODO_ACT

All organizations processing personal data. Authority: UODO.

VAIT

Insurance companies. Authority: BaFin.

VYHKB_SK

Regulated entities. Authority: NBU.

VYHLKB

Regulated entities under ZOKB. Authority: NUKIB.

WBNI

Vital service providers and digital service providers. Authority: NCSC-NL.

WGS

Healthcare organizations, health data processors. Authority: Dutch Healthcare Authority.

ZOOU_SK

All organizations processing personal data. Authority: UOOU SK.

ZOKB_SK

~3,403 essential and important entities. Authority: NBU.

ZINFV1

Essential and important entities. Authority: URSIV / SI-CERT.

ZOKBS

8,000-10,000 essential and important entities. Authority: SOA / CERT.hr / CIPD.

ZOKB

Essential and important entities in 15 sectors (50+ employees or 10M+ EUR turnover). Authority: NUKIB.

ZOOU

All organizations processing personal data. Authority: UOOU.

ZOZOP

All organizations processing personal data. Authority: AZOP.

ZVOP2

All organizations processing personal data. Authority: IP.

ZOKBS_BG

18 sectors, essential and important entities. Authority: State Agency for Cybersecurity.

ZZLD

All organizations processing personal data. Authority: KZLD.