The cybersecurity obligations laid down in this Directive should be considered to be complementary to the requirements imposed on trust service providers under Regulation (EU) No 910/2014. Trust service providers should be required to take all appropriate and proportionate measures to manage the risks posed to their services, including in relation to customers and relying third parties, and to report incidents under this Directive. Such cybersecurity and reporting obligations should also concern the physical protection of the services provided. The requirements for qualified trust service providers laid down in Article 24 of Regulation (EU) No 910/2014 continue to apply.
NIS2 Recital EN
Recital 93
Related across sources
Guidance Guidelines 9/2022 on personal data breach notification under GDPR Guidance Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement Guidance Guidelines 2/2018 on derogations of Article 49 under Regulation 2016/679 Guidance Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Version 2.0 Adopted on 20 October 2020 Guidance Guidelines 03/2022 on Deceptive design patterns in social media platform interfaces: how to recognise and avoid them Guidance Guidelines 05/2020 on consent under Regulation 2016/679