Lokal närvaro · Island

Cybersäkerhetstjänster i Island

Cybersecurity · NIS2 (EEA) · GDPR · CERT-IS coordination

EEA-grade cybersecurity for Island — coordinated with CERT-IS.

From Hafnarfirði, we support Icelandic organisations adopting NIS2 via the EEA framework, complying with Persónuverndarlög (Island's GDPR transposition enforced by Persónuvernd), och coordinating with CERT-IS during significant incidents. Island's small but highly digital economy faces concentrated risk — a few core banks under FME (Fjármálaeftirlitið) supervision, energy operators on a single-island grid, och a tourism sector dependent on always-on platforms. The EEA NIS2 transposition introduces formal essential och important entity obligations for the first time. We bring Nordic-region delivery experience, EEA data residency, och SOC capacity in Stockholm och Zoetermeer.

Regulatoriskt landskap

Isländska och EES-ramverk inom omfattning

NIS2 (EEA transposition)

Island implements NIS2 via the EEA agreement; essential och important entity obligations enforced by sector authorities.

Persónuverndarlög

Icelandic Data Protection Act (lög nr. 90/2018) enforced by Persónuvernd; 72-hour breach notification.

CERT-IS coordination

Island's national CERT under the Electronic Communications Office; incident reporting och threat advisories.

FME guidance

Fjármálaeftirlitið — operational resilience och ICT risk supervision for Icelandic banks och insurers.

EU regulations via EEA

DORA, eIDAS, och broader EU cyber acquis applied through the EEA Joint Committee.

72 hours
GDPR breach notification
Källa: Persónuvernd
Concentrated
Domestic ISP/operator population
Källa: Fjarskiptastofa
Active since 1994
EEA membership
Källa: EFTA
Financial servicesEnergy & geothermalTourism & hospitality techPublic sector

Så arbetar vi på Island

AI-säkerhet & Guardrails

EU AI Act adoption through the EEA agreement, Persónuvernd-aligned data protection guardrails, och ISO 42001 governance for Icelandic AI och analytics projects.

Läs mer

Applikationssäkerhet

Application och API security testing for Icelandic SaaS och online banking platforms.

Läs mer

Molnsäkerhet

Cloud architecture reviews och EEA data-residency advisory for organisations balancing scale with sovereignty.

Läs mer

SOC 24×7

24×7 detection from EEA SOCs with CERT-IS coordination och Icelandic incident reporting flows.

Läs mer

GRC

NIS2 readiness, Persónuverndarlög alignment, ISO 27001, och FME-ready resilience programmes.

Läs mer

Vanliga frågor · Island

Is NIS2 already in force in Island?
Island adopts NIS2 through the EEA framework. Sector authorities are formalising obligations for essential och important entities. Early-readiness work pays off ahead of national-law commencement.
Where does our data sit?
Telemetry och case data remain inside the EEA — primarily processed in our Stockholm och Zoetermeer SOCs. Cross-border transfer outside the EEA only with documented safeguards.
How do you operate alongside Icelandic regulators?
Our SOC drafts incident notifications och evidence packs in English. For Persónuvernd, CERT-IS, or FME submissions that require Icelandic, we coordinate with translation specialists och your local counsel to file on time.

Kontakta vårt Island-team

Whether you are mapping NIS2 obligations, responding to a CERT-IS advisory, or preparing for an FME review, we respond within one business day.

Island
Fornubúðir 5, 220 Hafnarfirði,
Hafnarfirði, Island
Telefon: +354 662 8660
reykjavik@thegatewaydigital.com
Jag har läst och godkänner integritetspolicyn och användarvillkoren.*
Jag samtycker till att ta emot e-postuppdateringar, nyhetsbrev och annan kommunikation från G'Secure Labs.