Beta

Source: OJ L 333, 27.12.2022, p. 80–152

EN

Article 10 Computer security incident response teams (CSIRTs)

    1. Each Member State shall designate or establish one or more CSIRTscomputer security incident response teams. The CSIRTscomputer security incident response teams may be designated or established within a competent authorityas defined in Article 46. The CSIRTscomputer security incident response teams shall comply with the requirements set out in Article 11(1), shall cover at least the sectors, subsectors and types of entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; referred to in Annexes I and II, and shall be responsible for incident handling means any actions and procedures aiming to prevent, detect, analyse, and contain or to respond to and recover from an incident; in accordance with a well-defined process.

    1. Member States shall ensure that each CSIRT has adequate resources to carry out effectively its tasks as set out in Article 11(3).

    1. Member States shall ensure that each CSIRT has at its disposal an appropriate, secure, and resilient communication and information infrastructure through which to exchange information with essential and important entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; and other relevant stakeholders. To that end, Member States shall ensure that each CSIRT contributes to the deployment of secure information-sharing tools.

    1. The CSIRTscomputer security incident response teams shall cooperate and, where appropriate, exchange relevant information in accordance with Article 29 with sectoral or cross-sectoral communities of essential and important entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;.

    1. The CSIRTscomputer security incident response teams shall participate in peer reviews organised in accordance with Article 19.

    1. Member States shall ensure the effective, efficient and secure cooperation of their CSIRTscomputer security incident response teams in the CSIRTscomputer security incident response teams network.

    1. The CSIRTscomputer security incident response teams may establish cooperation relationships with third countries’ national computer security incident means an event compromising the availability, authenticity, integrity or confidentiality of stored, transmitted or processed data or of the services offered by, or accessible via, network and information systems; response teams. As part of such cooperation relationships, Member States shall facilitate effective, efficient and secure information exchange with those third countries’ national computer security incident means an event compromising the availability, authenticity, integrity or confidentiality of stored, transmitted or processed data or of the services offered by, or accessible via, network and information systems; response teams, using relevant information-sharing protocols, including the traffic light protocol. The CSIRTscomputer security incident response teams may exchange relevant information with third countries’ national computer security incident means an event compromising the availability, authenticity, integrity or confidentiality of stored, transmitted or processed data or of the services offered by, or accessible via, network and information systems; response teams, including personal data in accordance with Union data protection law.

    1. The CSIRTscomputer security incident response teams may cooperate with third countries’ national computer security incident means an event compromising the availability, authenticity, integrity or confidentiality of stored, transmitted or processed data or of the services offered by, or accessible via, network and information systems; response teams or equivalent third-country bodies, in particular for the purpose of providing them with cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; assistance.

    1. Each Member State shall notify the Commission without undue delay of the identity of the CSIRT referred to in paragraph 1 of this Article and the CSIRT designated as coordinator pursuant to Article 12(1), of their respective tasks in relation to essential and important entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;, and of any subsequent changes thereto.

    1. Member States may request the assistance of ENISA in developing their CSIRTscomputer security incident response teams.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod