Commission Implementing Regulation (EU) 2023/203 laying down rules for the application of Regulation (EU) 2018/1139 as regards requirements for the management of information security risks with a potential impact on aviation safety for organisations
This Regulation sets out the requirements to be met by the organisations and competent authorities in order:
to identify and manage information security risks with potential impact on aviation safety which could affect information and communication technology systems and data used for civil aviation purposes;
to detect information security events and identify those which are considered information security incidents with potential impact on aviation safety; and
to respond to, and recover from, those information security incidents.
This Regulation applies to many different organisations and competent authorities. Please refer to the official article for more details.