Re-registration obligation with the National Cybersecurity Authority and Security Officer requirements

Greece has issued two Joint Ministerial Decisions (“JMDs”) under Law 5160/2024, which transposes the NIS2 Directive. These decisions introduce an obligation for all entities to re-register with the National Cybersecurity Authority (“NCA”), extend the previously provided registration deadline, and clarify the qualifications and role of the Security Officer.

(Re)registration with the National Cybersecurity Authority

New deadline: 30 September 2025 
Who is affected: Both essential and important entities
Obligation: Entities must either (i) register on the digital platform maintained by the NCA or (ii) if already registered via e-mail, re-register on the platform
Registration details: The registration information has been expanded to include details of the Security Officer and the size of the entity

Qualifications and role of the Security Officer

Effective date: 1 November 2025
Who is affected: Both essential and important entities
Appointment duty: Designation of Security Officer following instructions of the JMD
Key eligibility criteria: Minimum relevant professional experience or academic credentials and no criminal record for specific cyber-related offences
Core responsibilities: Continuous oversight of security measures, incident reporting to the NCA and supply-chain security checks, among others

Sanctions

Non-compliance may lead to sanctions up to EUR 10,000,000, or 2% of the entity’s total worldwide annual turnover in the preceding financial year, whichever is higher, depending on the nature and severity of the breach and the entity's classification.

Next Steps

The JMDs provide clarifications on existing compliance obligations while introducing some new requirements for entities. To avoid duplication of effort, fines, or operational disruption, entities should:

  1. Register (or re-register) via NCA’s digital platform.

  2. Identify and vet a qualified Security Officer. 

  3. Align internal security policies (incident handling, supply chain security, unified security policy) with the Security Officer duties.

 

Relevant News

New Immigration Law 5275/2026 | Key provisions and prac...

Law 5275/2026 modernises Greece's legal migration framework by accelerating application processing, increasing flex...

Cadastral Posting in the Cyclades...

On 19 January 2026, the posting of cadastral data commenced for certain Regional Units of the South Aegean Region. ...

Clinical trials in Greece | Key changes under the 2026 ...

A new framework for clinical trials and related studies was issued earlier this month under Ministerial Decision No...

READ ALL NEWS