3.5.2 Targeting the Right Addressees

EU cybersecurity measures target a variety of actors, such as controllers, processors, providers of essential services, and providers of digital infrastructure. Recent regulations like the GDPR and the NIS Directive impose security measures on these actors in response to the risks they may face. However, current data protection regulations focus primarily on data controllers, and obligations s...