EU law recital

Recital 78

This page is part of LegalViz.EU, a tool that helps readers move through EU legislation more quickly and understand its structure.

Navigate this law: Law overview · Articles · Annexes

Previous recital · Next recital · Start with Article 1

Cybersecurity risk-management measures should take into account the degree of dependence of the essential or important entity on network and information systems and include measures to identify any risks of incidents, to prevent, detect, respond to and recover from incidents and to mitigate their impact. The security of network and information systems should include the security of stored, transmitted and processed data. Cybersecurity risk-management measures should provide for systemic analysis, taking into account the human factor, in order to have a complete picture of the security of the network and information system.