NIS 2 Directive, Proposal 16.12.2020

The NIS 2 Directive, Requirements and tasks of CSIRTs

Article 10, NIS 2 Directive (Proposal 16.12.2020).

Requirements and tasks of CSIRTs

1. CSIRTs shall comply with the following requirements:

(a) CSIRTs shall ensure a high level of availability of their communications services by avoiding single points of failure, and shall have several means for being contacted and for contacting others at all times. CSIRTs shall clearly specify the communication channels and make them known to constituency and cooperative partners;

(b) CSIRTs’ premises and the supporting information systems shall be located in secure sites;

(c) CSIRTs shall be equipped with an appropriate system for managing and routing requests, in particular, to facilitate effective and efficient handovers;

(d) CSIRTs shall be adequately staffed to ensure availability at all times;

(e) CSIRTs shall be equipped with redundant systems and backup working space to ensure continuity of its services;

(f) CSIRTs shall have the possibility to participate in international cooperation networks.

2. CSIRTs shall have the following tasks:

(a) monitoring cyber threats, vulnerabilities and incidents at national level;

(b) providing early warning, alerts, announcements and dissemination of information to essential and important entities as well as to other relevant interested parties on cyber threats, vulnerabilities and incidents;

(c) responding to incidents;

(d) providing dynamic risk and incident analysis and situational awareness regarding cybersecurity;

(e) providing, upon request of an entity, a proactive scanning of the network and information systems used for the provision of their services;

(f) participating in the CSIRTs network and providing mutual assistance to other members of the network upon their request.

3. CSIRTs shall establish cooperation relationships with relevant actors in the private sector, with a view to better achieving the objectives of the Directive.

4. In order to facilitate cooperation, CSIRTs shall promote the adoption and use of common or standardised practices, classification schemes and taxonomies in relation to the following:

(a) incident handling procedures;

(b) cybersecurity crisis management;

(c) coordinated vulnerability disclosure.

Note: This is not the final text of the NIS 2 Directive. This is the text of the NIS 2 Directive Proposal of 16.12.2020.