Lokal tilstedeværelse · Island

Cybersikkerhetstjenester i Island

Cybersecurity · NIS2 (EEA) · GDPR · CERT-IS coordination

EEA-grade cybersecurity for Island — coordinated with CERT-IS.

From Hafnarfirði, we support Icelandic organisations adopting NIS2 via the EEA framework, complying with Persónuverndarlög (Island's GDPR transposition enforced by Persónuvernd), og coordinating with CERT-IS during significant incidents. Island's small but highly digital economy faces concentrated risk — a few core banks under FME (Fjármálaeftirlitið) supervision, energy operators on a single-island grid, og a tourism sector dependent on always-on platforms. The EEA NIS2 transposition introduces formal essential og important entity obligations for the first time. We bring Nordic-region delivery experience, EEA data residency, og SOC capacity in Stockholm og Zoetermeer.

Regulatorisk landskap

Islandske og EØS-rammeverk i scope

NIS2 (EEA transposition)

Island implements NIS2 via the EEA agreement; essential og important entity obligations enforced by sector authorities.

Persónuverndarlög

Icelandic Data Protection Act (lög nr. 90/2018) enforced by Persónuvernd; 72-hour breach notification.

CERT-IS coordination

Island's national CERT under the Electronic Communications Office; incident reporting og threat advisories.

FME guidance

Fjármálaeftirlitið — operational resilience og ICT risk supervision for Icelandic banks og insurers.

EU regulations via EEA

DORA, eIDAS, og broader EU cyber acquis applied through the EEA Joint Committee.

72 hours
GDPR breach notification
Kilde: Persónuvernd
Concentrated
Domestic ISP/operator population
Kilde: Fjarskiptastofa
Active since 1994
EEA membership
Kilde: EFTA
Financial servicesEnergy & geothermalTourism & hospitality techPublic sector

Slik jobber vi på Island

AI-sikkerhet & Guardrails

EU AI Act adoption through the EEA agreement, Persónuvernd-aligned data protection guardrails, og ISO 42001 governance for Icelandic AI og analytics projects.

Les mer

Applikasjonssikkerhet

Application og API security testing for Icelandic SaaS og online banking platforms.

Les mer

Cloud-sikkerhet

Cloud architecture reviews og EEA data-residency advisory for organisations balancing scale with sovereignty.

Les mer

SOC 24×7

24×7 detection from EEA SOCs with CERT-IS coordination og Icelandic incident reporting flows.

Les mer

GRC

NIS2 readiness, Persónuverndarlög alignment, ISO 27001, og FME-ready resilience programmes.

Les mer

Vanlige spørsmål · Island

Is NIS2 already in force in Island?
Island adopts NIS2 through the EEA framework. Sector authorities are formalising obligations for essential og important entities. Early-readiness work pays off ahead of national-law commencement.
Where does our data sit?
Telemetry og case data remain inside the EEA — primarily processed in our Stockholm og Zoetermeer SOCs. Cross-border transfer outside the EEA only with documented safeguards.
How do you operate alongside Icelandic regulators?
Our SOC drafts incident notifications og evidence packs in English. For Persónuvernd, CERT-IS, or FME submissions that require Icelandic, we coordinate with translation specialists og your local counsel to file on time.

Kontakt vårt Island-rådgivningsteam

Whether you are mapping NIS2 obligations, responding to a CERT-IS advisory, or preparing for an FME review, we respond within one business day.

Island
Fornubúðir 5, 220 Hafnarfirði,
Hafnarfirði, Island
Telefon: +354 662 8660
reykjavik@thegatewaydigital.com
Jeg har lest og samtykker til Personvernerklæring og Bruksvilkår.*
Jeg samtykker til å motta e-postoppdateringer, nyhetsbrev og annen kommunikasjon fra G'Secure Labs.