Beta

Source: OJ L 333, 27.12.2022, p. 80–152

EN

Recital 61 Designated coordinating CSIRT

Member States should designate one of its CSIRTs as a coordinator, acting as a trusted intermediary between the reporting natural or legal persons and the manufacturers or providers of ICT productsmeans an ICT product as defined in Article 2, point (12), of Regulation (EU) 2019/881; or ICT servicesmeans an ICT service as defined in Article 2, point (13), of Regulation (EU) 2019/881;, which are likely to be affected by the vulnerabilitymeans a weakness, susceptibility or flaw of ICT products or ICT services that can be exploited by a cyber threat;, where necessary. The tasks of the CSIRT designated as coordinator should include identifying and contacting the entitiesmeans a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; concerned, assisting the natural or legal persons reporting a vulnerabilitymeans a weakness, susceptibility or flaw of ICT products or ICT services that can be exploited by a cyber threat;, negotiating disclosure timelines and managing vulnerabilitiesmeans a weakness, susceptibility or flaw of ICT products or ICT services that can be exploited by a cyber threat; that affect multiple entitiesmeans a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; (multi-party coordinated vulnerabilitymeans a weakness, susceptibility or flaw of ICT products or ICT services that can be exploited by a cyber threat; disclosure). Where the reported vulnerabilitymeans a weakness, susceptibility or flaw of ICT products or ICT services that can be exploited by a cyber threat; could have significant impact on entitiesmeans a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; in more than one Member State, the CSIRTs designated as coordinators should cooperate within the CSIRTs network, where appropriate.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod