News Item

Guidelines on Incident Notification for Digital Service Providers

ENISA publishes a comprehensive guideline on how to implement incident notification requirements for Digital Service Providers, in the context of the NIS Directive.

Published on February 28, 2017

The EU’s first DSP mandatory incident notification requirements as part of the first EU-wide set of rules on cyber-security, are a major step towards achieving a common level of cyber-security across the Union. ENISA’s comprehensive technical guideline supports stakeholders in addressing mandatory incident notification for Digital Service Providers (DSPs) in the context of the NIS Directive. Based on the requirements of the Directive and valuable input from Member States and DSPs directly impacted by the Directive, this guideline touches the following topics:

  • identifying types of incidents to be reported
  • definitions and clarifications on parameters and thresholds
  • defining substantial incidents
  • description of the incident reporting process and the stakeholders involved
  • cross border sharing of incidents
  •  identification of DSPs

This report represents an outline technical proposal used as input for the discussions regarding the implementation of article 16 of the NIS Directive, concerning mandatory incident notification for DSPs.

The full report is available here

For media and press enquiries please contact press@enisa.europa.eu, Tel: +30 2814 409576

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more