Abstract
The increasing frequency, severity, and complexity of cyber-attacks at EU level highlight the importance of robust cybersecurity frameworks. This article examines the role of EU regulations, in particular the Directive on measures for a high common level of cybersecurity across the Union (NIS 2 Directive) and the Cyber Resilience Act (CRA), in strengthening cyber resilience in critical sectors. First, the EU regulations were reviewed through a comparative analysis of the legislative documents to highlight objectives, targeted entities, security measures, and compliance, and to clarify how they are designed to improve cyber resilience in critical sectors. Furthermore, the methodology includes an applied case study designed to explore the practical implications of European regulations on cyber resilience by examining a hybrid threat: multiple cyber-attacks combined with influence operations conducted through cyberspace, targeting the civilian and defense infrastructures of an essential port. By analyzing the attacks through the lens of the NIS 2 Directive and the CRA, this case study illustrates how EU regulations provide an efficient foundation for strengthening security and response measures. It also identifies operational challenges and demonstrates how adaptable frameworks aligned with EU regulations enable organizations to recover more effectively. These findings contribute to the broader discourse on securing critical infrastructures and advancing practical solutions to cyber resilience in an interconnected digital environment. To further improve understanding and preparedness, future research should focus on organizing tabletop exercises (TTX) that simulate scenarios similar to those analyzed in this case study.