MSBFS 2018:8 Controls

We are not lawyers, this is not legal advise.

It is your responsibility to discover what law applies to you and how to best comply with it. In case of doubt, consult your Data Protection Officer (DPO) or equivalent.

The EU NIS2 directive defines critical entities, i.e., IT entities which are really important to society. If you are a critical entity or a supplier to critical entities, then you need to comply with the NIS2 directive.

The EU NIS2 directive is implemented in Sweden by a number of regulations issued by the Swedish Civil Contingencies Agency (Myndigheten för samhällsskydd och beredskap -- MSB).

Long story short, you need to implement ISO 27001. See the ISO 27001 Control page to learn more about how Compliant Kubernetes helps.

Further Reading

• Informationssäkerhet för NIS-leverantörer
• MSBFS 2018:8 föreskrifter och allmänna råd om informationssäkerhet för leverantörer av samhällsviktiga tjänster