malta

The Malta Critical Infrastructure Protection Directorate (CIPD) operates within the portfolio of the Ministry for Home Affairs, Security, Reforms and Equality (MHSR) in Malta. It acts according to the objectives defined by L.N. 434 of 2011 on Critical Infrastructures and European Critical Infrastructures (Identification, Designation and Protection) Order as well as the objectives defined by L.N. 216 of 2018 on Measures for High Common Level of Security of Network and Information Systems Order of 2018. These Orders are the transposition of Council Directive 2008/114/EC of 8th December 2008 and Council Directive 2016/1148 of 6th July 2016 (better known as the NIS Directive), respectively. The Malta CIP Directorate establishes the criteria for the identification and designation of Critical Infrastructures (CI’s), Critical Information Infrastructures (CII’s), and Operators of Essential Services (OES’s) and maintains a national inventory of critical assets within designated Critical Infrastructures and Critical Information Infrastructures. Moreover, in terms of the NIS Directive, the Directorate ensures, amongst others, that Critical Infrastructure (CI) and Critical Information Infrastructure (CII) owners or operators and Operators of Essential Services (OES): 1. Conduct an appropriate Risk Assessment; 2. Draw and maintain a suitable Operator Security Plan (OSP); 3. Perform operational reviewing, updating and the necessary exercising of such plans (OSPs); 4. Share CI, CII information as may be required from time to time, and 5. Operators of Essential Services report incidents having a significant impact on the continuity of the essential services they provide. Malta CIP Directorate acts as the European CIP (ECIP) Contact Point on CIP issues and is the Single Point of Contact (SPOC) on NIS issues communicating and reporting on the above to the European Commission and to ENISA. In addition, the CIPD, in close collaboration with public- and private-sector critical infrastructure and critical information infrastructure stakeholders, drives a coordinated national effort that oversees the development and implementation of an effective critical information/infrastructure protection for the country. An equally fundamental role of the Malta CIP Directorate is the coordination and support of general emergency preparedness plans capable of responding to national emergencies. Finally, Malta CIP provides adequate early warnings/alerts and advice via CSIRT Malta (the cyber monitoring arm within the CIPD) concerning Cyber threats and incidents, reaching out to operators of Critical Information Infrastructures (CII) and ultimately to other sectors, businesses and citizens.