Beta

Source: OJ L 333, 27.12.2022, p. 80–152

EN

Recital 61 Designated coordinating CSIRT

Member States should designate one of its CSIRTscomputer security incident response teams as a coordinator, acting as a trusted intermediary between the reporting natural or legal persons and the manufacturers means a natural or legal person who develops or manufactures products with digital elements or has products with digital elements designed, developed or manufactured, and markets them under its name or trademark, whether for payment, monetisation or free of charge; or providers of ICT products means an ICT product as defined in Article 2, point (12), of Regulation (EU) 2019/881; or ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services;, which are likely to be affected by the vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat;, where necessary. The tasks of the CSIRT designated as coordinator means a CSIRT designated as coordinator pursuant to Article 12(1) of Directive (EU) 2022/2555. should include identifying and contacting the entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; concerned, assisting the natural or legal persons reporting a vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat;, negotiating disclosure timelines and managing vulnerabilities means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; that affect multiple entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; (multi-party coordinated vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; disclosure). Where the reported vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; could have significant impact on entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; in more than one Member State, the CSIRTs designated as coordinators means a CSIRT designated as coordinator pursuant to Article 12(1) of Directive (EU) 2022/2555. should cooperate within the CSIRTscomputer security incident response teams network, where appropriate.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod