{"id":63306,"date":"2023-07-04T16:36:00","date_gmt":"2023-07-04T14:36:00","guid":{"rendered":"https:\/\/fedil.lu\/publications\/nis2directive\/"},"modified":"2023-10-20T10:05:30","modified_gmt":"2023-10-20T08:05:30","slug":"nis2directive","status":"publish","type":"publication","link":"https:\/\/fedil.lu\/de\/publications\/nis2directive\/","title":{"rendered":"NIS 2.0 directive"},"content":{"rendered":"<div class=\"text-block js-section\">\n    <h2 class=\"text-block__title\" data-page-navigation=\"\">\n        \n    <\/h2>\n    <div class=\"text-block__text format-text\">\n        <p>The NIS 2.0 directive on cybersecurity was adopted on December 14, 2022 and repeals the 2016 NIS directive. (Full text of the Directive <a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/FR\/TXT\/?uri=CELEX%3A32022L2555\">HERE<\/a>)<\/p>\n<p>This directive aims to ensure a high common level of cybersecurity of networks and information systems across Europe, and to strengthen the resilience of the European Union&#8217;s IT infrastructures against cyberattacks.<\/p>\n<p>Compared with NIS 1, the NIS 2.0 directive includes a <strong>wider variety of organizations<\/strong> from different sectors.<\/p>\n<p>For the first time, this directive takes into account the <strong>security of the information and communication technology supply chain<\/strong>.<\/p>\n<p>In addition, the NIS 2.0 directive introduces more stringent supervisory measures for national authorities, as well as stricter requirements for enforcement.<\/p>\n<h2 id='s-sectors-in-scope'>Sectors in scope<\/h2>\n<p>The sectors concerned fall into 2 categories, each covering many more areas than in the NIS 1:<\/p>\n<ul>\n<li>The <strong>11 \u00ab\u202fSectors of High Criticality\u202f\u00bb<\/strong> are identified in Annex 1 : Energy &#8211; Transport &#8211; Banking &#8211; Financial market infrastructures &#8211; Health &#8211; Drinking water &#8211; Waste water &#8211; Digital Infrastructure &#8211; ICT service management (business-to-business) \u2013 Public administration \u2013 Space.<\/li>\n<li>The <strong>7 \u00ab\u202fOther Critical Sectors\u202f\u00bb<\/strong> are indentified in Annex 2 : Postal and courier services &#8211; Waste management &#8211; Manufacture, production and distribution of chemicals &#8211; Production, processing and distribution of food &#8211; Manufacturing &#8211; Digital providers &#8211; Research.<\/li>\n<\/ul>\n<p>Check the list of sectors, sub-sectors and types of entities in Annex 1 and 2 <a href=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/NIS-2.0_List_covered_sectors_FEDIL.pdf\"><strong>HERE<\/strong><\/a> to confirm if your activity falls within the scope of the NIS 2.0 directive.<\/p>\n<h2 id='s-entities-in-scope'>Entities in scope<\/h2>\n<p>The NIS 2.0 directive introduces a proportionality mechanism that distinguishes two categories of regulated actors according to the level of criticality of the associated sector:<strong> &#8222;Essential Entities&#8220;<\/strong> (EE) and <strong>&#8222;Important Entities&#8220;<\/strong> (EI).<\/p>\n<p><strong>Company size and turnover<\/strong> are also parameters to be taken into account when distinguishing between categories of player. It consists in the application of a <strong>size-cap rule<\/strong> covering almost <strong>all SMEs and large companies<\/strong> and which operate within the sectors and provide the types of service or carry out the activities covered by the NIS 2.0 directive, falling within its scope.<\/p>\n<ul>\n<li>Medium-sized: &gt;= 50 employees or turnover of &gt;= 10 million euros<\/li>\n<li>Large: &gt;= 250 employees or turnover of &gt;= 50 million euros<\/li>\n<\/ul>\n<p>Small and micro enterprises fall outside the scope of NIS 2.0, unless the national authorities consider them essential if they fulfil specific criteria that indicate a key role for society, the economy or for particular sectors or types of service (check the exceptions explained in Article 2. (2) and Article 2. (4)).<\/p>\n<h3 id='s-essential-entities'>Essential entities<\/h3>\n<p>1) The following entities shall be considered to be <strong>Essential Entities<\/strong>:<\/p>\n<ol style=\"list-style-type: lower-alpha;\">\n<li>entities of a type referred to in Annex I which exceed the ceilings for medium-sized enterprises provided for in Article\u202f2(1) of the Annex to Recommendation 2003\/361\/EC*;<\/li>\n<li>qualified trust service providers and top-level domain name registries as well as DNS service providers, <strong>regardless of their size<\/strong>;<\/li>\n<li>providers of public electronic communications networks or of publicly available electronic communications services which qualify as medium-sized enterprises or exceed the ceiling for medium-sized entreprises under Article\u202f2 of the Annex to Recommendation 2003\/361\/EC*;<\/li>\n<li>public administration entities referred to in Article\u202f2(2), point (f)(i);\n<ul>\n<li>(f) the entity is a public administration entity:\n<ul>\n<li>(i) of central government as defined by a Member State in accordance with national law; or<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>any other entities of a type referred to in Annex I or II that are identified by a Member State as essential entities pursuant to Article\u202f2(2), points (b) to (e);\n<ol style=\"list-style-type: lower-alpha;\">\n<li>the entity is the sole provider in a Member State of a service which is essential for the maintenance of critical societal or economic activities;<\/li>\n<li>disruption of the service provided by the entity could have a significant impact on public safety, public security or public health;<\/li>\n<li>disruption of the service provided by the entity could induce a significant systemic risk, in particular for sectors where such disruption could have a cross-border impact;<\/li>\n<li>the entity is critical because of its specific importance at national or regional level for the particular sector or type of service, or for other interdependent sectors in the Member State;<\/li>\n<\/ol>\n<\/li>\n<li>entities identified as critical entities under Directive (EU) 2022\/2557, referred to in Article\u202f2(3) of this Directive\u202f:<br \/>\n(3) Regardless of their size, this Directive applies to entities identified as critical entities under <a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX%3A32022L2557\">Directive (EU) 2022\/2557<\/a> of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities;<\/li>\n<li>if the Member State so provides, entities which that Member State identified before\u202f16\u202fJanuary 2023 as operators of essential services in accordance with Directive (EU) 2016\/1148 (NIS 1) or national law.<\/li>\n<\/ol>\n<h3 id='s-important-entities'>Important entities<\/h3>\n<p>2) Entities of a type referred to in Annex 1 or 2 which do not qualify as essential entities pursuant to paragraph 1 of this Article shall be considered to be <strong>Important Entities<\/strong>. This includes entities identified by Member States as important entities pursuant to Article\u202f2(2), points (b) to (e).<\/p>\n<h4 id='s-references'>References<\/h4>\n<p><u>* NIS 2.0 directive: Article 2 &#8211; Scope<\/u><\/p>\n<ol start=\"2\">\n<li>2) Regardless of their size, this Directive also applies to entities of a type referred to in Annex I or II, where:\n<ol style=\"list-style-type: lower-alpha;\">\n<li>services are provided by:\n<ol style=\"list-style-type: lower-roman;\">\n<li>providers of public electronic communications networks or of publicly available electronic communications services;<\/li>\n<li>trust service providers;<\/li>\n<li>top-level domain name registries and domain name system service providers;<\/li>\n<\/ol>\n<\/li>\n<li>the entity is the sole provider in a Member State of a service which is essential for the maintenance of critical societal or economic activities;<\/li>\n<li>disruption of the service provided by the entity could have a significant impact on public safety, public security or public health;<\/li>\n<li>disruption of the service provided by the entity could induce a significant systemic risk, in particular for sectors where such disruption could have a cross-border impact;<\/li>\n<li>the entity is critical because of its specific importance at national or regional level for the particular sector or type of service, or for other interdependent sectors in the Member State;<\/li>\n<li>the entity is a public administration entity:\n<ul style=\"list-style-type: lower-roman;\">\n<li>of central government as defined by a Member State in accordance with national law; or<\/li>\n<li>at regional level as defined by a Member State in accordance with national law that, following a risk-based assessment, provides services the disruption of which could have a significant impact on critical societal or economic activities.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<\/li>\n<li>3) Regardless of their size, this Directive applies to entities identified as critical entities under Directive (EU) 2022\/2557.<\/li>\n<li>4) Regardless of their size, this Directive applies to entities providing domain name registration services.<\/li>\n<\/ol>\n<p><u>* Article 2 of Commission Recommendation 2003\/361\/EC<\/u><br \/>\nStaff headcount and financial ceilings determining enterprise categories<\/p>\n<ol>\n<li>1) The category of micro, small and medium-sized enterprises (SMEs) is made up of enterprises which employ fewer than 250 persons and which have an annual turnover not exceeding EUR 50 million, and\/or an annual balance sheet total not exceeding EUR 43 million.<\/li>\n<li>2) Within the SME category, a small enterprise is defined as an enterprise which employs fewer than 50 persons and whose annual turnover and\/or annual balance sheet total does not exceed EUR 10 million.<\/li>\n<li>3) Within the SME category, a microenterprise is defined as an enterprise which employs fewer than 10 persons and whose annual turnover and\/or annual balance sheet total does not exceed EUR 2 million.<\/li>\n<\/ol>\n<p>EEs and IEs face the same obligations, but those in the second category are subject to a lighter supervisory and enforcement regime.<\/p>\n<h2 id='s-flow-charts'>Flow charts<\/h2>\n<h3 id='s-scope'>Scope<\/h3>\n<img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-63325\" src=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_NIS_2_Scope.png\" alt=\"\" width=\"1802\" height=\"1997\" srcset=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_NIS_2_Scope.png 1802w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_NIS_2_Scope-433x480.png 433w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_NIS_2_Scope-924x1024.png 924w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_NIS_2_Scope-768x851.png 768w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_NIS_2_Scope-1386x1536.png 1386w\" sizes=\"auto, (max-width: 1802px) 100vw, 1802px\" \/>\n<h3 id='s-essential-important-entities'>Essential &#8211; Important entities<\/h3>\n<img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-63328\" src=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_Essential_important_EN.png\" alt=\"\" width=\"2218\" height=\"1330\" srcset=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_Essential_important_EN.png 2218w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_Essential_important_EN-480x288.png 480w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_Essential_important_EN-1024x614.png 1024w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_Essential_important_EN-768x461.png 768w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_Essential_important_EN-1536x921.png 1536w, https:\/\/fedil.lu\/wp-content\/uploads\/2023\/06\/Flow-Chart_Essential_important_EN-2048x1228.png 2048w\" sizes=\"auto, (max-width: 2218px) 100vw, 2218px\" \/>\n<h2 id='s-measures-to-implement'>Measures to implement<\/h2>\n<p>EEs and IEs will have to implement an efficient cybersecurity policy and take appropriate and proportionate technical, operational and organizational measures to manage the risks posed to the security of network and information systems which those entities use for their operations or for the provision of their services, and to prevent or minimise the impact of incidents on recipients of their services and on other service.<\/p>\n<p>The measures shall be based on an \u00ab\u202f<strong>all-hazards<\/strong>\u202f\u00bb approach that aims to protect network and information systems and the physical environment of those systems from incidents, and shall include <strong>at least<\/strong> the following:<\/p>\n<ol style=\"list-style-type: lower-alpha;\">\n<li>policies on risk analysis and information system security;la gestion des incidents;<\/li>\n<li>incident handling;<\/li>\n<li>business continuity, such as backup management and disaster recovery, and crisis management;<\/li>\n<li>supply chain security, including security-related aspects concerning the relationships between each entity and its direct suppliers or service providers;<\/li>\n<li>security in network and information systems acquisition, development and maintenance, including vulnerability handling and disclosure;<\/li>\n<li>policies and procedures to assess the effectiveness of cybersecurity risk-management measures;<\/li>\n<li>basic cyber hygiene practices and cybersecurity training;<\/li>\n<li>policies and procedures regarding the use of cryptography and, where appropriate, encryption;<\/li>\n<li>human resources security, access control policies and asset management;<\/li>\n<li>the use of multi-factor authentication or continuous authentication solutions, secured voice, video and text communications and secured emergency communication systems within the entity, where appropriate.<\/li>\n<\/ol>\n<p>Taking into account the\u202f\u00ab\u202f<strong>state-of-the-art<\/strong>\u202f\u00bb and, where applicable, relevant European and international standards, as well as the cost of implementation, the measures referred shall ensure a level of security of network and information systems appropriate to the risks posed.<\/p>\n<p>When assessing the proportionality of those measures, due account shall be taken of the degree of the entity\u2019s exposure to risks, the entity\u2019s size and the likelihood of occurrence of incidents and their severity, including their societal and economic impact.<\/p>\n<p>Entities may be required to carry out regular tests and technical audits, including penetration tests and vulnerability scans, to assess the effectiveness of the security measures deployed.<\/p>\n<p>Entities will also need to focus on knowledge sharing. They will share information on cyber security risks and measures with each other and with the local government through communities and automatized tools. This will help to create a centralized European \u2018vulnerability register\u2019 of ICT products and services, for which every member state will have a dedicated point of contact.<\/p>\n<h2 id='s-incident-notification'>Incident notification<\/h2>\n<p>The directive introduces a 2-stage incident notification mechanism, so that information can be gathered as quickly as possible to prevent the spread of similar attacks, and to enrich future resilience plans.<\/p>\n<ol>\n<li>1) An<strong> early warning<\/strong> of all significant incidents must be done <strong>within 24 hours<\/strong>\u202f;<br \/>\nThen,<\/li>\n<li>2)<strong> Within 72 hours<\/strong>, an<strong> incident notification<\/strong> which shall update the information shared in the early warning and indicate an initial assessment of the significant incident, including its severity and impact, as well as, where available, the indicators of compromise.<\/li>\n<\/ol>\n<p>A final report not later than <strong>one month<\/strong> after the submission of the incident notification shall be provided as a follow-up measure.<\/p>\n<h2 id='s-managements-accountability'>Management\u2019s accountability<\/h2>\n<p>The NIS 2.0 directive introduces<strong> greater responsibility for legal representatives and decision makers such as CEOs, board members, company directors (RCS registered persons)<\/strong>. Indeed, members of the management bodies of EEs and IEs are required to<strong> undergo training, approve the risk management measures undertaken, and oversee their implementation<\/strong>. In the event of a breach of their obligations, they will be directly liable.<\/p>\n<h2 id='s-sanctions-in-case-of-non-compliance'>Sanctions in case of non-compliance<\/h2>\n<p>Entities that fail to comply with the regulations set forth by the national transposition of the NIS 2.0 directive, are subject to a number of possible sanctions, such as:<\/p>\n<ul>\n<li>Imposing of deadlines for compliance\u202f;<\/li>\n<li>Withdrawal of certification\u202f;<\/li>\n<li>Mandatory discontinuation\u202f;<\/li>\n<li>Fines or administrative sanctions\u202f;<\/li>\n<li>Administrative liability.<\/li>\n<\/ul>\n<p>Administrative sanctions may add up to a maximum of\u202f:<\/p>\n<ul>\n<li><strong>Essential Entities: 10 million euros<\/strong> or 2% of the company&#8217;s total worldwide annual turnover in the preceeding financial year, whichever is higher.<\/li>\n<li><strong>Important Entities: 7 million euros<\/strong> or 1,4% of the company&#8217;s total worldwide annual turnover in the preceeding financial year, whichever is higher.<\/li>\n<\/ul>\n<p>If you have any questions about the NIS 2.0 directive or wish to confirm\/inform FEDIL that your organization falls within its scope, please contact <a href=\"mailto:celine.tarraube@fedil.lu\">celine.tarraube@fedil.lu<\/a>.<\/p>\n\n    <\/div>\n<\/div>\n\n\n<div class=\"useful-information-block js-section\">\n    <div class=\"useful-information__card\">\n        <h3 class=\"useful-information__card-title\" data-page-navigation=\"Conference - One year to go: How to prepare for NIS 2.0 Directive? | 17.10.2023\">\n            Conference &#8211; One year to go: How to prepare for NIS 2.0 Directive? | 17.10.2023\n        <\/h3>\n        <div class=\"useful-information__card-info-items\">\n            \n                            <div>\n                    <a class=\"useful-information__card-info-item\" href=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/10\/1-FEDIL_Celine-Tarraube_One-year-to-go_How-to-prepare-for-NIS-2.0-Directive.pdf\" target=\"_blank\">\n                                                    <span class=\"useful-information__card-info-icon\">    <i class=\"icon icon--pdf-document \" style=\"\">\n        <span class=\"a11y__vo-only\"><\/span>\n        <svg tabindex=\"-1\" aria-hidden=\"true\" focusable=\"false\" ><use xlink:href=\"https:\/\/fedil.lu\/wp-content\/themes\/fedil-website\/assets\/dist\/images\/icons.svg?v=1.3.3#pdf-document\"\/><\/svg>\n    <\/i><\/span>\n                                                <div class=\"useful-information__card-info-content-wrapper\">\n                            <span class=\"useful-information__card-info-content\">\n                                C\u00e9line Tarraube (FEDIL) &#8211; One year to go: How to prepare for NIS 2.0 Directive?\n                            <\/span>\n                        <\/div>\n                    <\/a>\n                <\/div>\n                            <div>\n                    <a class=\"useful-information__card-info-item\" href=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/10\/2-KPMG_Laurent-de-la-Vaissiere_FEDIL_NIS2-Compliance-Odyssey.pdf\" target=\"_blank\">\n                                                    <span class=\"useful-information__card-info-icon\">    <i class=\"icon icon--pdf-document \" style=\"\">\n        <span class=\"a11y__vo-only\"><\/span>\n        <svg tabindex=\"-1\" aria-hidden=\"true\" focusable=\"false\" ><use xlink:href=\"https:\/\/fedil.lu\/wp-content\/themes\/fedil-website\/assets\/dist\/images\/icons.svg?v=1.3.3#pdf-document\"\/><\/svg>\n    <\/i><\/span>\n                                                <div class=\"useful-information__card-info-content-wrapper\">\n                            <span class=\"useful-information__card-info-content\">\n                                Laurent de la Vaissi\u00e8re (KPMG) &#8211; Compliance Odyssey\n                            <\/span>\n                        <\/div>\n                    <\/a>\n                <\/div>\n                            <div>\n                    <a class=\"useful-information__card-info-item\" href=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/10\/3-ILR_Sheila-Becker_FEDIL_NIS-2.0_Collaborative_approach.pdf\" target=\"_blank\">\n                                                    <span class=\"useful-information__card-info-icon\">    <i class=\"icon icon--pdf-document \" style=\"\">\n        <span class=\"a11y__vo-only\"><\/span>\n        <svg tabindex=\"-1\" aria-hidden=\"true\" focusable=\"false\" ><use xlink:href=\"https:\/\/fedil.lu\/wp-content\/themes\/fedil-website\/assets\/dist\/images\/icons.svg?v=1.3.3#pdf-document\"\/><\/svg>\n    <\/i><\/span>\n                                                <div class=\"useful-information__card-info-content-wrapper\">\n                            <span class=\"useful-information__card-info-content\">\n                                Sheila Becker (ILR) &#8211; Collaborative approach\n                            <\/span>\n                        <\/div>\n                    <\/a>\n                <\/div>\n                            <div>\n                    <a class=\"useful-information__card-info-item\" href=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/10\/4-CSSF_Cecile-Gellenoncourt_From-NIS1-to-NIS2.pdf\" target=\"_blank\">\n                                                    <span class=\"useful-information__card-info-icon\">    <i class=\"icon icon--pdf-document \" style=\"\">\n        <span class=\"a11y__vo-only\"><\/span>\n        <svg tabindex=\"-1\" aria-hidden=\"true\" focusable=\"false\" ><use xlink:href=\"https:\/\/fedil.lu\/wp-content\/themes\/fedil-website\/assets\/dist\/images\/icons.svg?v=1.3.3#pdf-document\"\/><\/svg>\n    <\/i><\/span>\n                                                <div class=\"useful-information__card-info-content-wrapper\">\n                            <span class=\"useful-information__card-info-content\">\n                                C\u00e9cile Gellenoncourt (CSSF) &#8211; From NIS1 to NIS2\n                            <\/span>\n                        <\/div>\n                    <\/a>\n                <\/div>\n                            <div>\n                    <a class=\"useful-information__card-info-item\" href=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/10\/5-MECO_Francois-Thill_Increase-cybersecurity-maturity.pdf\" target=\"_blank\">\n                                                    <span class=\"useful-information__card-info-icon\">    <i class=\"icon icon--pdf-document \" style=\"\">\n        <span class=\"a11y__vo-only\"><\/span>\n        <svg tabindex=\"-1\" aria-hidden=\"true\" focusable=\"false\" ><use xlink:href=\"https:\/\/fedil.lu\/wp-content\/themes\/fedil-website\/assets\/dist\/images\/icons.svg?v=1.3.3#pdf-document\"\/><\/svg>\n    <\/i><\/span>\n                                                <div class=\"useful-information__card-info-content-wrapper\">\n                            <span class=\"useful-information__card-info-content\">\n                                Fran\u00e7ois Thill (MECO) &#8211; Increase cybersecurity maturity\n                            <\/span>\n                        <\/div>\n                    <\/a>\n                <\/div>\n                            <div>\n                    <a class=\"useful-information__card-info-item\" href=\"https:\/\/fedil.lu\/wp-content\/uploads\/2023\/10\/6-LHoC_Pascal-Steichen_FEDIL_NIS-2.0_Securing-Luxembourgs-Digital-Future.pdf\" target=\"_blank\">\n                                                    <span class=\"useful-information__card-info-icon\">    <i class=\"icon icon--pdf-document \" style=\"\">\n        <span class=\"a11y__vo-only\"><\/span>\n        <svg tabindex=\"-1\" aria-hidden=\"true\" focusable=\"false\" ><use xlink:href=\"https:\/\/fedil.lu\/wp-content\/themes\/fedil-website\/assets\/dist\/images\/icons.svg?v=1.3.3#pdf-document\"\/><\/svg>\n    <\/i><\/span>\n                                                <div class=\"useful-information__card-info-content-wrapper\">\n                            <span class=\"useful-information__card-info-content\">\n                                Pascal Steichen (LHoC) &#8211; Securing Luxembourg&#039;s Digital Future\n                            <\/span>\n                        <\/div>\n                    <\/a>\n                <\/div>\n            \n        <\/div>\n    <\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"","protected":false},"author":14,"featured_media":0,"template":"","class_list":["post-63306","publication","type-publication","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/fedil.lu\/de\/wp-json\/wp\/v2\/publication\/63306","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fedil.lu\/de\/wp-json\/wp\/v2\/publication"}],"about":[{"href":"https:\/\/fedil.lu\/de\/wp-json\/wp\/v2\/types\/publication"}],"author":[{"embeddable":true,"href":"https:\/\/fedil.lu\/de\/wp-json\/wp\/v2\/users\/14"}],"version-history":[{"count":29,"href":"https:\/\/fedil.lu\/de\/wp-json\/wp\/v2\/publication\/63306\/revisions"}],"predecessor-version":[{"id":64644,"href":"https:\/\/fedil.lu\/de\/wp-json\/wp\/v2\/publication\/63306\/revisions\/64644"}],"wp:attachment":[{"href":"https:\/\/fedil.lu\/de\/wp-json\/wp\/v2\/media?parent=63306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}