The missions of the NISS sector
The missions of the sector
The mission of the ‘Network and Information Systems’ Security’ department, hereinafter referred to as the “NISS department”, is to ensure the proper implementation of:
- the Law of 28 May 2019 transposing Directive (EU) 2016/1148 (NIS Directive) of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the European Union, hereinafter referred to as the ‘NIS Law’;
- the Law of 17 December 2021 on electronic communications networks and services, which deals with the security of networks and services in Title V, Articles 42 and 43.
Under the NIS Law, the Institut Luxembourgeois de Régulation, hereinafter referred to as the ‘ILR’, is the competent authority for the security of networks and information systems covering the following sectors in particular: Energy, Transport, Health, Drinking Water Supply and Distribution and Digital Infrastructures as well as digital services.
Cybersecurity supervision
The purpose of supervision in the field of cybersecurity is to ensure a high level of cybersecurity in the European Union. The Institute implements supervision through various means, not only through obligations but also through a collaborative approach. In order to promote informed cybersecurity governance in the various sectors.
Annual submission of security measures and notification of significant incidents.
Feedback to companies with a sectoral comparison and individual recommendations.
Provision of a SERIMA cybersecurity platform.
Promotion of information sharing on threats and vulnerabilities as well as risk scenarios.
Organisation of sectoral tabletop exercises.
The NIS2 context
To raise awareness among new entities falling under NIS2, the Institute has organised several information sessions, particularly in conjunction with associations such as FEDIL and CLUSIL. A dedicated section has been set up to provide an overview of the new features of NIS2.