Sammendrag
The thesis examines encryption (cryptographic methods) as a security measure under the GDPR and the NIS Directive, in particular article 32 and 14/16, respectively. It discusses the term 'state of the art' and researches relevant sources to establish both its application within encryption as a security measure, as well as what method should be applied to assess what an appropriate security level might be. While there exists many sources relevant to the subject, the bottom line is a requirement to the organisations subject to the regulation to always investigate and ensure that they are at the necessary security level in their conduct. The thesis suggests that certificates may be a valuable tool to assist in ensuring compliance.