The European Commission published a Communication setting out new guidelines to strengthen the resilience of critical infrastructure across the EU. The guidance is intended to support EU countries in implementing the Critical Entities Resilience Directive, including identifying critical entities in 11 key sectors and taking a more structured approach to reporting the outcomes of sectoral risk assessments. The Communication provides recommendations and practical tools covering sectors such as energy, transport, drinking and wastewater, food, banking and digital infrastructure. It frames the measures as supporting continuity of essential services in the face of external threats including natural hazards, terrorist attacks and public health emergencies, and reflects the Directive’s broader approach of requiring EU countries to develop national strategies, conduct regular risk assessments and identify critical entities, which must then adopt technical, security and organisational resilience measures. The Commission also highlights the need for EU countries to promptly transpose and correctly implement the Directive, and states that it will continue supporting efforts to protect critical infrastructure and strengthen the resilience of critical entities.
European Commission 2025-09-11
European Commission issues guidelines to help EU countries identify critical entities and implement the Critical Entities Resilience Directive
The European Commission issued guidelines to enhance the resilience of critical infrastructure in the EU, supporting the Critical Entities Resilience Directive. Covering 11 sectors, including energy and banking, the guidelines emphasize structured risk assessments and resilience measures. The Commission urges EU countries to swiftly implement the Directive to safeguard essential services against external threats.