{"id":732,"date":"2024-01-29T16:47:57","date_gmt":"2024-01-29T16:47:57","guid":{"rendered":"https:\/\/nis2resources.eu\/?page_id=732"},"modified":"2024-08-09T07:41:51","modified_gmt":"2024-08-09T07:41:51","slug":"article-11","status":"publish","type":"page","link":"https:\/\/nis2resources.eu\/directive-2022-2555-nis2\/article-11\/","title":{"rendered":"Article 11, Requirements, technical capabilities and tasks of CSIRTs"},"content":{"rendered":"\n
1. The CSIRTs shall comply with the following requirements:<\/p>\n\n\n\n
(a) the CSIRTs shall ensure a high level of availability of their communication channels by avoiding single points of failure, and shall have several means for being contacted and for contacting others at all times; they shall clearly specify the communication channels and make them known to constituency and cooperative partners;<\/p>\n\n\n\n
(b) the CSIRTs\u2019 premises and the supporting information systems shall be located at secure sites;<\/p>\n\n\n\n
(c) the CSIRTs shall be equipped with an appropriate system for managing and routing requests, in particular to facilitate effective and efficient handovers;<\/p>\n\n\n\n
(d) the CSIRTs shall ensure the confidentiality and trustworthiness of their operations;<\/p>\n\n\n\n
(e) the CSIRTs shall be adequately staffed to ensure availability of their services at all times and they shall ensure that their staff is trained appropriately;<\/p>\n\n\n\n
(f) the CSIRTs shall be equipped with redundant systems and backup working space to ensure continuity of their services.<\/p>\n\n\n\n
The CSIRTs may participate in international cooperation networks.<\/p>\n\n\n\n
2. Member States shall ensure that their CSIRTs jointly have the technical capabilities necessary to carry out the tasks referred to in paragraph 3. Member States shall ensure that sufficient resources are allocated to their CSIRTs to ensure adequate staffing levels for the purpose of enabling the CSIRTs to develop their technical capabilities.<\/p>\n\n\n\n
3. The CSIRTs shall have the following tasks:<\/p>\n\n\n\n
(a) monitoring and analysing cyber threats, vulnerabilities and incidents at national level and, upon request, providing assistance to essential and important entities concerned regarding real-time or near real-time monitoring of their network and information systems;<\/p>\n\n\n\n
(b) providing early warnings, alerts, announcements and dissemination of information to essential and important entities concerned as well as to the competent authorities and other relevant stakeholders on cyber threats, vulnerabilities and incidents, if possible in near real-time;<\/p>\n\n\n\n
(c) responding to incidents and providing assistance to the essential and important entities concerned, where applicable;<\/p>\n\n\n\n
(d) collecting and analysing forensic data and providing dynamic riskRisk<\/span> Means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident.\r\r- Definition according Article 6 Directive (EU) 2022\/2555 (NIS2 Directive)<\/a><\/span><\/span><\/span> and incidentIncident<\/span> Means an event compromising the availability, authenticity, integrity or confidentiality of stored, transmitted or processed data or of the services offered by, or accessible via, network and information systems.\r\r- Definition according Article 6 Directive (EU) 2022\/2555 (NIS2 Directive)<\/a><\/span><\/span><\/span> analysis and situational awareness regarding cybersecurityCybersecurity<\/span> \u2018cybersecurity\u2019 means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019\/881;\r\r- Definition according Article 6 Directive (EU) 2022\/2555 (NIS2 Directive)<\/a>\r\r'cybersecurity\u2019 means the activities necessary to protect network and information systems, the users of such systems,\rand other persons affected by cyber threats;\r\r- Definition according Article 2, point (1), of Regulation (EU) 2019\/881;<\/span><\/span><\/span>;<\/p>\n\n\n\n (e) providing, upon the request of an essential or important entityEntity<\/span> Means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations.\r\r- Definition according Article 6 Directive (EU) 2022\/2555 (NIS2 Directive)<\/a><\/span><\/span><\/span>, a proactive scanning of the network and information systems of the entity concerned to detect vulnerabilities with a potential significant impact;<\/p>\n\n\n\n (f) participating in the CSIRTs network and providing mutual assistance in accordance with their capacities and competencies to other members of the CSIRTs network upon their request;<\/p>\n\n\n\n