Home › Practice › Digital Skills Digital Skills Medium
In the context of the European Union's digital policies, network security and cybersecurity are fundamental pillars. Considering the strategic objectives of the EU and recent regulatory frameworks, which of the following statements best describes the relationship between data protection and cybersecurity governance in the EU digital space? The Digital Security Regulation (DSA) is the primary instrument that regulates the protection of personal data and establishes security obligations for cloud service providers, replacing the GDPR in all aspects of information security. Cybersecurity in the EU is managed exclusively through the European Union Agency for Cybersecurity (ENISA), which has the legal authority to impose administrative sanctions on member states for network security breaches. The General Data Protection Regulation (GDPR) and the NIS2 Directive (on network and information security) are complementary frameworks that, together, aim to ensure that data is secure and that essential EU infrastructure is resilient against cyber-attacks, ensuring the continuity of digital services. The protection of personal data is a secondary objective that only applies to private sector companies, with no implications for the cybersecurity of critical public infrastructure. The EU digital strategy integrates network security and data protection as interconnected objectives, where the GDPR protects citizens' rights and the NIS2 Directive obliges essential service operators to manage cybersecurity risks, reflecting the EU's commitment to a secure and trustworthy digital environment.
Select an option first More Digital Skills questions