Skip to the main content

Review article

The Current and Developing Regulatory Framework of Information Security in the EU and the Republic of Croatia

Tihomir Katulić
Hrvoje Lisičar


Full text: english pdf 318 Kb

page 25-51

downloads: 108

cite


Abstract

Information security involves ensuring the reliable, confidential and trustworthy operation of information systems and preserving the availability and reliability of data. Its framework and content are increasingly regulated by law. Research consistently shows that the number of attacks on information systems as well as data breaches is rising. Information security practices are no longer just a matter of recognised industrial self-regulation standards but are instead increasingly the focus of legislators in the European Union as well as in comparative law. In the last five years, the regulation of information security in the European Union has undergone significant changes and expansion through numerous regulations, directives and legislative proposals that are still under development. This paper provides an overview and basic analysis of the current positive legal framework for information security in the European Union and the Republic of Croatia from substantive and institutional aspects. Specific regulations containing provisions in the field of information security are listed chronologically, and de lege ferenda proposals are also considered.

Keywords

information security, NIS Directive, NIS2, Cybersecurity Act, GDPR

Hrčak ID:

318345

URI

https://hrcak.srce.hr/318345

Publication date:

26.6.2024.

Visits: 287 *