Source: OJ L, 2026/881, 20.4.2026Current language: EN
- Cyber resilience for products with digital elements
Delegated acts
- Terms and conditions for delaying notifications
Article 5 Terms and conditions for applying cybersecurity-related grounds in relation to the single reporting platform
Summary What does Article 5 of the Terms and conditions for delaying notifications say?
Article 5 addresses a specific platform-level scenario that complements the earlier articles dealing with delays in notification dissemination.
Where Articles 3 and 4 focused on content sensitivity and CSIRT-specific concerns as grounds for delay, this article deals with the integrity of the single reporting platform itself.
If ENISA notifies the CSIRTs Network that the single reporting platform has suffered a cybersecurity incident that undermines its ability to keep notifications confidential, the CSIRT initially receiving the notification is permitted to hold off on disseminating via that platform until ENISA confirms confidentiality has been restored.
Important points:
- The CSIRT initially receiving the notification may delay dissemination via the single reporting platform if that platform has been compromised by a cybersecurity incident affecting confidentiality.
- ENISA acts as the trigger for both the delay and its lifting — the delay begins when ENISA informs the CSIRTs Network of the incident and ends only when ENISA confirms confidentiality has been restored.
- This provision is expressly tied to the single reporting platform established under Article 16 of Regulation (EU) 2024/2847, meaning it applies to that specific channel only.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
The CSIRT initially receiving the notification may decide to delay the dissemination of notifications via the single reporting platform established by Article 16 of Regulation (EU) 2024/2847 where ENISA has informed the CSIRTs Network, in accordance with Article 16(4) of that Regulation, that the single reporting platform has been affected by a cybersecurity incident casting doubt on its ability to ensure the confidentiality of notified information. In such cases, the CSIRT initially receiving the notification may delay the dissemination via the single reporting platform until ENISA has informed the CSIRTs Network that the platform’s ability to ensure the confidentiality of notifications has been restored.
Relevant recitals
Recital 6 Compromise of the single reporting platform
In order to prevent malicious actors from accessing sensitive information, where the single reporting platform established under Article 16 of Regulation (EU) 2024/2847 has been compromised by a cybersecurity incident, the CSIRT initially receiving the notification should delay the dissemination via the single reporting platform until the platform’s ability to ensure the confidentiality of notified information has been restored.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
incident
Definition
cybersecurity
Definition
CSIRT designated as coordinator
Definition
CSIRT initially receiving the notification