Difference between revisions of "Operator of Essential Services"
(→France) |
(→France) |
||
Line 105: | Line 105: | ||
{{definition|«Opérateur de services essentiels»: une entité publique ou privée dont le type figure à l'annexe II et qui répond aux critères énoncés à l'article 5, paragraphe 2. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/PDF/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 - FR]</ref>}}<br/> | {{definition|«Opérateur de services essentiels»: une entité publique ou privée dont le type figure à l'annexe II et qui répond aux critères énoncés à l'article 5, paragraphe 2. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/PDF/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 - FR]</ref>}}<br/> | ||
{{definition|An operator of critical infrastructure: - exercises activities cited in Article R. 1332-2 and included in a critical sector; - manages or uses for this activity one or more organisations or works, one or more facilities, whose damage, unavailability or destruction due to malicious action, sabotage or terrorism would directly or indirectly seriously compromise the military or economic capabilities, the security or the survival ability of the nation or seriously threaten the lives of its population. <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/national-cyber-security-strategies-in-the-world Information Systems Defence and Security: France’s Strategy, Republique Francaise, 2011.]</ref>}}<br/> | {{definition|An operator of critical infrastructure: - exercises activities cited in Article R. 1332-2 and included in a critical sector; - manages or uses for this activity one or more organisations or works, one or more facilities, whose damage, unavailability or destruction due to malicious action, sabotage or terrorism would directly or indirectly seriously compromise the military or economic capabilities, the security or the survival ability of the nation or seriously threaten the lives of its population. <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/national-cyber-security-strategies-in-the-world Information Systems Defence and Security: France’s Strategy, Republique Francaise, 2011.]</ref>}}<br/> | ||
− | {{definition | + | {{definition| Un opérateur d’importance vitale : exerce des activités mentionnées à l’article R. 1332-2 et comprises dans un secteur d’activités d’importance vitale ; gère ou utilise au titre de cette activité un ou des établissements ou ouvrages, une ou des installations dont le dommage ou l’indisponibilité ou la destruction par suite d’un acte de malveillance, de sabotage ou de terrorisme risquerait, directement ou indirectement d’obérer gravement le potentiel de guerre ou économique, la sécurité ou la capacité de survie de la Nation ou de mettre gravement en cause la santé ou la vie de la population. <ref>[https://www.ssi.gouv.fr/entreprise/glossaire/o/ Glossaire SSI.gouv.fr]</ref>}}<br/><br/> |
==== [[Germany]] ==== | ==== [[Germany]] ==== |
Revision as of 18:52, 26 November 2017
Contents
- 1 Definitions
- 1.1 European Definitions
- 1.2 National Definitions
- 1.2.1 Austria
- 1.2.2 Belgium
- 1.2.3 Bulgaria
- 1.2.4 Croatia
- 1.2.5 Cyprus
- 1.2.6 Czech Republic
- 1.2.7 Denmark
- 1.2.8 Estonia
- 1.2.9 Finland
- 1.2.10 France
- 1.2.11 Germany
- 1.2.12 Greece
- 1.2.13 Hungary
- 1.2.14 Ireland
- 1.2.15 Italy
- 1.2.16 Latvia
- 1.2.17 Lithuania
- 1.2.18 Luxembourg
- 1.2.19 Malta
- 1.2.20 Netherlands
- 1.2.21 Poland
- 1.2.22 Portugal
- 1.2.23 Romania
- 1.2.24 Slovakia
- 1.2.25 Slovenia
- 1.2.26 Spain
- 1.2.27 Sweden
- 1.2.28 United Kingdom
- 1.3 Standard Definition
- 1.4 Other Definitions
- 2 See also
- 3 Notes
Definitions
European Definitions
European Commission
Operador de Serviços Essenciais: Uma entidade pública ou privada pertencente a um dos tipos referidos no anexo II da Diretiva (UE) n.º 2016/1148 do Parlamento Europeu e do Conselho, de 6 de julho de 2016, e que cumpre os critérios previstos no n.º 2 do artigo 5.º, da mesma Diretiva. [1]
Annex II of the Directive contains the list of essential ICT-controlled / ICT-based services: energy (power, gas, oil), transport (air, rail, water, road), banking, financial market infrastructures, health sector, drinking water supply & distribution, and Digital Infrastructure (IXPs, DNS service providers, TLD name registries).
Article 5(2): The criteria for the identification of the operators of essential services shall be as follows: (a) an entity provides a service which is essential for the maintenance of critical societal and/or economic activities; (b) the provision of that service depends on network and information systems; and (c) an incident would have significant disruptive effects on the provision of that service.
Article 5(2)
The criteria for the identification of the operators of essential services shall be as follows:
- (a) an entity provides a service which is essential for the maintenance of critical societal and/or economic activities;
- (b) the provision of that service depends on network and information systems; and
- (c) an incident would have significant disruptive effects on the provision of that service.
Sector | Subsector | Type of entity |
---|---|---|
Energy | Electricity | Electricity undertakings as defined in point (35) of Article 2 of Directive 2009/72/EC of the European Parliament and of the Council [2], which carry out the function of ‘supply’ as defined in point (19) of Article 2 of that Directive |
Distribution system operators as defined in point (6) of Article 2 of Directive 2009/72/EC | ||
Transmission system operators as defined in point (4) of Article 2 of Directive 2009/72/EC | ||
Oil | Operators of oil transmission pipelines | |
Operators of oil production, refining and treatment facilities, storage and transmission | ||
Gas | Supply undertakings as defined in point (8) of Article 2 of Directive 2009/73/EC of the European Parliament and of the Council [3] | |
Distribution system operators as defined in point (6) of Article 2 of Directive 2009/73/EC | ||
Transmission system operators as defined in point (4) of Article 2 of Directive 2009/73/EC | ||
Storage system operators as defined in point (10) of Article 2 of Directive 2009/73/EC | ||
LNG system operators as defined in point (12) of Article 2 of Directive 2009/73/EC | ||
Natural gas undertakings as defined in point (1) of Article 2 of Directive 2009/73/EC | ||
Operators of natural gas refining and treatment facilities | ||
Transport | Air transport | Air carriers as defined in point (4) of Article 3 of Regulation (EC) No 300/2008 of the European Parliament and of the Council |
Airport managing bodies as defined in point (2) of Article 2 of Directive 2009/12/EC of the European Parliament and of the Council ( 4), airports as defined in point (1) of Article 2 of that Directive, including the core airports listed in Section 2 of Annex II to Regulation (EU) No 1315/2013 of the European Parliament and of the Council ( 5), and entities operating ancillary installations contained within airports | ||
Traffic management control operators providing air traffic control (ATC) services as defined in point (1) of Article 2 of Regulation (EC) No 549/2004 of the European Parliament and of the Council | ||
Rail transport | Infrastructure managers as defined in point (2) of Article 3 of Directive 2012/34/EU of the European Parliament and of the Council | |
Railway undertakings as defined in point (1) of Article 3 of Directive 2012/34/EU, including operators of service facilities as defined in point (12) of Article 3 of Directive 2012/34/EU | ||
Water transport | Inland, sea and coastal passenger and freight water transport companies, as defined for maritime transport in Annex I to Regulation (EC) No 725/2004 of the European Parliament and of the Council ( 8), not including the individual vessels operated by those companies | |
Managing bodies of ports as defined in point (1) of Article 3 of Directive 2005/65/EC of the European Parliament and of the Council ( 9), including their port facilities as defined in point (11) of Article 2 of Regulation (EC) No 725/2004, and entities operating works and equipment contained within ports | ||
Operators of vessel traffic services as defined in point (o) of Article 3 of Directive 2002/59/EC of the European Parliament and of the Council | ||
Road transport | Road authorities as defined in point (12) of Article 2 of Commission Delegated Regulation (EU) 2015/962 ( 11) responsible for traffic management control | |
Operators of Intelligent Transport Systems as defined in point (1) of Article 4 of Directive 2010/40/EU of the European Parliament and of the Council | ||
Banking | Credit institutions as defined in point (1) of Article 4 of Regulation (EU) No 575/2013 of the European Parliament and of the Council | |
Financial market infrastructures | Operators of trading venues as defined in point (24) of Article 4 of Directive 2014/65/EU of the European Parliament and of the Council | |
Central counterparties (CCPs) as defined in point (1) of Article 2 of Regulation (EU) No 648/2012 of the European Parliament and of the Council | ||
Health sector | Health care settings (including hospitals and private clinics) | Healthcare providers as defined in point (g) of Article 3 of Directive 2011/24/EU of the European Parliament and of the Council |
Drinking water supply and distribution | Suppliers and distributors of water intended for human consumption as defined in point (1)(a) of Article 2 of Council Directive 98/83/EC ( 17) but excluding distributors for whom distribution of water for human consumption is only part of their general activity of distributing other commodities and goods which are not considered essential services | |
Digital infrastructure | IXPs | |
DNS service providers | ||
TLD name registries |
National Definitions
Austria
Belgium
Bulgaria
Croatia
Cyprus
Czech Republic
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
United Kingdom
Standard Definition
Other Definitions
See also
Notes
- ↑ DIRECTIVE (EU) 2016/1148 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- ↑ Directive 2009/72/EC of the European Parliament and of the Council
- ↑ [ http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016L1148&from=EN#ntr2-L_2016194EN.01002701-E0002 Directive 2009/73/EC of the European Parliament and of the Council]
- ↑ Directive (EU) 2016/1148 -DE
- ↑ Directive (EU) 2016/1148 - - NL
- ↑ Directive (EU) 2016/1148 - - FR
- ↑ Directive (EU) 2016/1148 - BG
- ↑ Directive (EU) 2016/1148 - HR
- ↑ Directive (EU) 2016/1148 - EL
- ↑ Directive (EU) 2016/1148 - CS
- ↑ Directive (EU) 2016/1148 - DA
- ↑ Directive (EU) 2016/1148 - ET
- ↑ Directive (EU) 2016/1148 - FI
- ↑ Directive (EU) 2016/1148 - FR
- ↑ Information Systems Defence and Security: France’s Strategy, Republique Francaise, 2011.
- ↑ Glossaire SSI.gouv.fr
- ↑ Directive (EU) 2016/1148 -DE
- ↑ Directive (EU) 2016/1148 – EL
- ↑ Directive (EU) 2016/1148 - HU
- ↑ Directive (EU) 2016/1148 - EN
- ↑ Directive (EU) 2016/1148 - IT
- ↑ Directive (EU) 2016/1148 - LV
- ↑ Directive (EU) 2016/1148 - LT
- ↑ Directive (EU) 2016/1148 - FR
- ↑ Directive (EU) 2016/1148 - MT
- ↑ Directive (EU) 2016/1148 - NL
- ↑ Directive (EU) 2016/1148 - PL
- ↑ Strategia Cyberbezpieczeństwa Rzeczypospolitej Polskiej na lata 2017-2022
- ↑ Directive (EU) 2016/1148 - PT
- ↑ Directive (EU) 2016/1148 - RO
- ↑ Directive (EU) 2016/1148 - SK
- ↑ Directive (EU) 2016/1148 - SL
- ↑ Directive (EU) 2016/1148 - ES
- ↑ Directive (EU) 2016/1148 - SV
- ↑ Directive (EU) 2016/1148 - EN