Beta

Source: OJ L 2024/2847, 20.11.2024

EN

Recital 65 Simultaneous notifications to CSIRT and ENISA

Manufacturersmeans a natural or legal person who develops or manufactures products with digital elements or has products with digital elements designed, developed or manufactured, and markets them under its name or trademark, whether for payment, monetisation or free of charge; should notify simultaneously via the single reporting platform both the computer security incidentmeans an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; response team (CSIRT) designated as coordinator as well as ENISA of actively exploited vulnerabilitiesmeans a vulnerability for which there is reliable evidence that a malicious actor has exploited it in a system without permission of the system owner; contained in products with digital elementsmeans a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately;, as well as severe incidentsmeans an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; having an impact on the security of those products. The notifications should be submitted using the electronic notification end-pointmeans any device that is connected to a network and serves as an entry point to that network; of a CSIRT designated as coordinatormeans a CSIRT designated as coordinator pursuant to Article 12(1) of Directive (EU) 2022/2555. and should be simultaneously accessible to ENISA.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod