The missions of the NISS sector
The missions of the sector
The “Network and Information Systems’ Security” department, hereinafter referred to as the “NISS department”, is responsible for ensuring the proper implementation of the Law of 5 May 2026 on measures to ensure a high level of cybersecurity (hereinafter the “NIS 2 Act”);
Under the NIS 2 Act, the Luxembourg Regulatory Institute, hereinafter “the ILR”, is the competent authority responsible for cybersecurity across numerous sectors, including: Energy, Health, and Digital Infrastructure, as well as public administration bodies.
Cybersecurity supervision
The purpose of supervision in the field of cybersecurity is to ensure a high level of cybersecurity in the European Union. The Institute implements supervision through various means, not only through obligations but also through a collaborative approach. In order to promote informed cybersecurity governance in the various sectors.
Annual submission of security measures and notification of significant incidents.
Feedback to companies with a sectoral comparison and individual recommendations.
Provision of a SERIMA cybersecurity platform.
Promotion of information sharing on threats and vulnerabilities as well as risk scenarios.
Organisation of sectoral tabletop exercises.
The NIS2 context
To raise awareness among new entities falling under NIS2, the Institute has organised several information sessions, particularly in conjunction with associations such as FEDIL and CLUSIL. A dedicated section has been set up to provide an overview of the new features of NIS2.