Regulation GDPR & NIS2 Directive

The legislation known as EU Regulation 2016/679 (GDPR) has introduced the figure of the “Data Processor” who will have to provide the “sufficient guarantees” to implement the appropriate technical and organizational measures to guarantee the security and protection of data confidentiality.

This figure, appointed by the Data Controller, must have proven skills in the specific areas for which he or she will be held responsible, as well as deontologically and ethically suitable.

In addition, for companies in the NIS2 perimeter, it is also necessary to appoint the CSIRT Contact Person, who is the figure elected by an organization to maintain official contacts with ACN’s national CSIRT and to manage the flow of communications regarding security incidents, vulnerabilities and NIS2 alerts.

KERNET, only for the customers it follows in MSP mode, will be able to consider making custom agreements to fill these positions, packaging an ad-hoc proposal.