European Union: European Commission issued guidelines on resilience of critical entities

On 11 September 2025, the European Commission issued guidelines and a reporting template developed pursuant to Articles 5(5), 6(6), and 7(3) of Directive (EU) 2022/2557 on the resilience of critical entities. The guidelines aim to support Member States in strengthening the resilience of critical infrastructure across the European Union by providing recommendations and practical instructions to identify critical entities in 11 sectors, including energy, transport, drinking and wastewater, food, banking, and digital infrastructure. The guidelines assist Member States in implementing the Directive on the resilience of critical entities, which requires them to develop national strategies, conduct regular risk assessments, and ensure identified critical entities implement technical, security, and organisational measures to assure their resilience against various threats, including hybrid threats and malicious cyber activity.