Cyber centre’s guidance on EU directive
(Pic: Shutterstock)

08 Jul 2026 technology Print

Cyber centre’s guidance on EU directive

The National Cyber Security Centre (NCSC) has published guidance for management-board members of organisations covered by an EU directive on cybersecurity.

The NIS2 directive requires the management bodies of essential and important entities to approve and oversee cybersecurity risk-management measures and complete cybersecurity training.

The NCSC’s guidance is designed to help accounting officers and senior managers to understand and meet their cybersecurity responsibilities under the directive.

Framework

The body says that its Cyber Fundamentals Framework (CyFun) is at the centre of the document.

CyFun is the NCSC’s preferred risk-based framework for helping organisations put their legal obligations into practice.

The centre describes NIS2 as “a landmark shift in the legislative landscape”, which assigns accountability for cybersecurity risk management to the highest level of executive management.

“Cybersecurity has evolved far beyond a technical challenge handled in server rooms; it is now a fundamental boardroom priority,” said Minister for Justice Jim O’Callaghan.

“Ireland’s economic prosperity and social wellbeing are inextricably linked to the strength of our digital infrastructure,” he added.

Gazette Desk
Gazette.ie is the daily legal news site of the Law Society of Ireland

Copyright © 2026 Law Society Gazette. The Law Society is not responsible for the content of external sites – see our Privacy Policy.