Fines for poor cybersecurity
Greece, like other European Union member-states, is in the process of implementing a new European directive against hacker attacks, which provides for a series of measures in the public and private sector and concerns a total of approximately 3,000 entities.
In addition to the central government, regional and municipal authorities, as well as companies with 50 to 250 employees and a yearly turnover of up to 250 million euros will have to comply with the provisions of the directive. The same goes for businesses in critical industries such as energy, transportation, healthcare, digital cloud and data center services, telecommunications, food, chemical and pharmaceutical manufacturing, waste management and couriers.
The Ministry of Digital Governance is expected to present lawmakers with its bill for the integration of the EU directive into national law soon.
In the new landscape that is being created, the main pillar will be the National Cyber Security Authority, which is responsible, among other things, for identifying security lapses in agencies, businesses and organizations.
It is also responsible for imposing sanctions and administrative fines, the amount of which can be up to €10 million or 2% of the business’ global turnover.