NIS2 Incident Reporting
The NIS2 Directive introduces strict incident reporting requirements for organizations covered by the legislation. Understanding and implementing these requirements is crucial for compliance.
Reporting Timeline
Report within 24 hours of becoming aware of the incident.
Provide initial assessment of the incident's severity and potential impact.
Submit a detailed report within 72 hours of the early warning.
Include technical details, affected systems, and initial mitigation measures taken.
Provide a comprehensive report within one month of the incident notification.
Include root cause analysis, long-term mitigation measures, and lessons learned.
What to Report
- Any incident having a significant impact on the provision of your services
- Any significant cyber threat that could potentially result in a significant incident
- Root cause of the incident
- Estimated impact and severity
- Applied and planned mitigation measures
- Cross-border impacts (if any)
Preparing for Incident Reporting
To meet these requirements, organizations should establish clear incident response procedures, define roles and responsibilities, and implement tools for quick detection and assessment of incidents.
Learn more about implementing incident response procedures