SECURITY
CER Directive
SECURITY
CER Directive
Origin
Directive (EU) 2022/2557 on the resilience of critical entities
General overview
The Critical Entities Resilience (CER) Directive is a complimentary directive to the NIS2 Directive. It sets minimum standards for an EU resilience framework that supports Member States in their national efforts to ensure that entities which are critical to society and the economy are able to prevent, resist, absorb and recover from disruptive incidents, regardless of if they are caused by natural disasters, accidents, terrorism, insider threats, or public health emergencies.
The CER Directive therefore aims to create an overarching EU legal framework that addresses the resilience of critical entities in respect of all hazards, whether natural or man-made, accidental or intentional.
The CER Directive defines a process for Member States to identify "critical entities" in 11 sectors. These sectors are set out in the Annex to the directive. These critical entities must take appropriate and proportionate technical, security, and organisational measures, as described in the directive. The 11 sectors are energy, transport, banking, financial market infrastructure, health, drinking water, waste water, digital infrastructure, public administration space and food production processing and distribution.
Status
Directive was published in the Official Journal of the EU on 27 December 2022
Member States must adopt & publish implementing measures by 17 October 2024 & apply those measures from 18 October 2024
TO BE TRANSPOSED
BY 17 OCT 2024