Irish Information Security Forum


Cybersecurity & Information Security Legislation : EU, Ireland

EU cyber resilience act

EU Cyber Resilience Act - For safer and more secure digital products © European Union

The proposal for a regulation on cybersecurity requirements for products with digital elements, known as the Cyber Resilience Act, bolsters cybersecurity rules to ensure more secure hardware and software products.

Proposal Document (Part 1) 
Annex Document (Part 2)  

NIS2 LegislationNIS2 Directive

Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) (Text with EEA relevance)

EU Cybersecurity ActThe EU Cybersecurity Act

An EU-wide cybersecurity certification framework for ICT products, services and processes. Companies doing business in the EU will benefit from having to certify their ICT products, processes and services only once and see their certificates recognised across the European Union.
Download Act Document

Proposed Amendement

Data Protection Act Ireland GDPRThe Data Protection Act 2018

Gives effect to the limited areas of flexibility permitted under the General Data Protection Regulation (GDPR), transposes the law enforcement Directive into Irish law, replaces the Data Protection Commissioner with the Data Protection Commission and provides for consequential amendments to various Acts that contain references to the Data Protection Acts 1988 and 2003. 

Download Act

The Digital Operational Resilience Act (DORA)The Digital Operational Resilience Act (DORA)

 DORA is an EU regulation that entered into force on 16 January 2023 and will apply as of 17 January 2025. It aims at strengthening the IT security of financial entities. DORA brings harmonisation of the rules relating to operational resilience for the financial sector applying to 20 different types of financial entities and ICT third-party service providers. 

Download Act

EU AI Act EU Artifical Intelligence (AI) Act

It sets out a risk-based framework for AI, applying various rules and requirements depending on the level of risk attached to the use-case. A handful of potential AI use-cases are deemed "unacceptable risk" and banned outright, such as social scoring or subliminal manipulation. The law also defines a set of "high risk" applications, such as AI used in education or employment, or for remote biometrics. 

Download Act




If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland



We would like to thank these generous sponsors for their support. 

crowdstrike logo

zscaler logo



Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more


secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy Statement  - Sponsorship  - Cybersecurity News Topics  - Cybersecurity Resources  - Produced by
LinkedIn Twitter