Incident reporting plays an important role in these efforts as it contributes in improving stakeholders' knowledge of the actual security problems at stake.
An effective incident reporting system contributes to the collection of reliable and up-to-date data on information security incidents and ensures:
- quick dissemination of information among interested parties,
- a coordinated response,
- access to a wide pool of expertise about such incidents,
- that national authorities can follow up with the infrastructure managers in a regulatory capacity,
- threat analysis; and
- identification of good practices.
The European Commission has highlighted, in a number of key policy documents, the importance of getting reliable, up-to-date and comparable data on security incidents in order to develop a clear understanding of the nature and extent of the challenges at stake.
Recognizing the importance of the topic of incident reporting and the need to prepare the ground for these policy and regulatory developments, ENISA performed an extensive stock taking of Member States activities with the aim to identify and analyze existing practices for incident reporting procedures resulting in the Good Practice Guide on Incident Reporting.
The main objective was to identify good practices and to share them with Member States throughout the EU. Such a stock taking of good practices could serve as a basis to the overall discussion on how Member States could best implement the provision on breach notification of article 13 of the revised Framework Directive.