Categorisation
The Cybersecurity Act defines the criteria for the categorisation of key and important entities.
For providers of public electronic communications networks or publicly available electronic communications services, categorisation is carried out as follows:
For providers of public electronic communications networks or publicly available electronic communications services, categorisation is carried out as follows:
- For key entities (pursuant to Article 9 of the Cybersecurity Act): providers of public electronic communications networks or publicly available electronic communications services that either constitute a medium-sized entity of a small economy under the law governing economic policy incentives for development, restructuring, and market adjustment of small enterprises, or exceed the upper limits for medium-sized entities of a small economy.
- For important entities (pursuant to Article 10 of the Cybersecurity Act): providers of public electronic communications networks or publicly available electronic communications services that are not categorised as key entities, irrespective of their size.