Mon. Oct 14th, 2024

Helsinki, 19 January 2024

The Ministry of the Interior has sent out for comments a proposal for an act on the protection of infrastructure critical to society and on the improvement of resilience. The legislative project will enhance national security and the resilience of society.

In the project, the Directive of the European Parliament and of the Council on the resilience of critical entities, which entered into force in January 2023, will be transposed into national law. The Critical Entities Resilience Directive introduces new requirements for Finland, including new official duties related to the identification and supervision of critical entities.

Within the EU, cross-border services have become more common and the Member States’ mutual dependence on each other’s physical and digital infrastructure has increased. The aim of the Directive is to improve the proper functioning of the EU internal market and to manage the repercussions of changes in the security environment by preparing for hybrid threats, for example.

“The dramatic changes in the security environment have further increased the need to protect critical infrastructure and improve the resilience of society in general. Over the past couple of years, we have also seen deliberate attacks on critical infrastructure in Europe,” says Minister of the Interior Mari Rantanen.

Eleven sectors critical to the functioning of society

The legislative project and the scope of the Directive cover eleven sectors: energy, transport, banking, financial market infrastructure, health, food, drinking water, waste water, digital infrastructure, public administration, and space.

The legislative proposal circulated for comments contains a general act on protecting critical infrastructure and improving resilience prepared by the Ministry of the Interior. It defines the arrangements for official activities, and common requirements, criteria and key obligations concerning all actors.

The legislative proposal also includes a proposal prepared by the Ministry of Justice to extend the scope of the Security Clearance Act so that a standard security clearance could in future also be conducted on persons receiving non-disclosable information on critical infrastructure. It would be mandatory to conduct a security clearance on employees who have access to critical information at international ports.

“It is also important to protect critical infrastructure data through security clearances. We have recently seen worrying developments at European ports, for example, and it is important that we address them,” says Minister of Justice Leena Meri.

The legislative project will implement the Government Programme’s objective of strengthening national security and society’s resilience. The Government Programme also states that the protection of infrastructure critical to the functioning of society will be improved.

The legislative project is being prepared in close cooperation with the national implementation of the EU Directive on measures for a high common level of cybersecurity across the Union (NIS2), in which the main responsibility lies with the Ministry of Transport and Communications.

The consultation period will last for six weeks. The legislative project will continue until the end of 2024. The government proposal is scheduled to be submitted to Parliament during the 2024 spring session. The national legislation would enter into force in October 2024.

Source – Finnish Government

Forward to your friends