i

Our site uses cookies to provide you with the best possible user experience, if you choose to continue then we will assume that you are happy for your web browser to receive all cookies from our website.  If you would like more information, please visit our cookie policy page. 

Close

Screen Reader Navigation

Cyber security regulation

Information about the Network and Information Systems Directive

  • Network and information systems regulations 2018

    The NIS Directive was adopted by the European Parliament in July 2016 and came into force in August 2016, it was transposed in to UK law as the Network and Information Systems Regulations (NIS) in 2018. it is designed to boost the overall level of security for network and information systems that support the delivery of essential services, under which a number of aviation services fall. 

    We are the Co-Competent Authority for the regulation of NIS alongside the Department for Transport (DfT) on behalf of the Secretary of State for Transport. DfT is responsible for NIS policy, NIS enforcement, as well as for setting the thresholds which both designate an organisation as an Operator of Essential Service (NIS) and for setting the thresholds which dictate a NIS reportable incident, this is documented within DfT’s Implementation of the NIS Directive Guidance.