Entities belonging to the digital infrastructure sector are in essence based on network and information systems and therefore the obligations imposed on those entities pursuant to this Directive should address in a comprehensive manner the physical security of such systems as part of their cybersecurity risk-management measures and reporting obligations. Since those matters are covered by this Directive, the obligations laid down in Chapters III, IV and VI of Directive (EU) 2022/2557 do not apply to such entities.
NIS2 Recital EN
Recital 31
Related across sources
Guidance Guidelines 9/2022 on personal data breach notification under GDPR News CNIL (France) - SAN-2025-015 Guidance Guidelines 05/2020 on consent under Regulation 2016/679 Guidance Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement News Complaint: Amazon doesnโt allow baseline TLS security News IP (Slovenia) - 0609-42/2026/7