Regulatory Alerts2018-09-08
Royal Decree-Law 12/2018 of 7 September on the security of network and information systems
The Spanish State issued Royal Decree-Law 12/2018 to transpose EU Directive 2016/1148, establishing a comprehensive legal framework for the security of network and information systems. The decree mandates essential service operators and digital service providers to implement risk management measures and notify significant security incidents to competent authorities. It defines the institutional structure for cybersecurity, including the roles of CSIRTs and the National Security Council, while ensuring coordination with existing national and European regulations.
Share