NIS 2
Contact Us
English

Log in

Implement & Learn

Implementation Products

Conformio
ISO 27001 Compliance Software
Built by top industry experts to automate your compliance and lower overhead.
Learn more

NIS 2 Documentation Toolkits
All Policies, Procedures, and Records
Our toolkits supply you with all of the documents required for NIS 2 compliance.
View all

Learning Products

Training
Accredited Online Training by Top Experts
Our course and webinar library will help you gain the knowledge that you need for your certification.
View All
Resources
Resources

By Type

Articles

Webinars

Courses

White Papers

Templates & Tools

View All

Where to Start

ISO 27001

NIS 2

ISO 9001

EU GDPR

ISO 14001

EU MDR

ISO 45001

ISO 13485

ISO 17025

IATF 16949

ISO 22301

AS9100

ISO 20000

ISO in General

NewAI Tool
Experta: AI-Powered Knowledge Base

Try now

Other

Live Consultations

Consultant Directory

Community
- Resources
For Consultants
About Us

Our Team

Leading Experts

Experienced auditors, trainers, and consultants ready to assist you.
About Advisera
Contact Us

Get Started

Home
Resources
NIS 2
Computer security incident response teams (CSIRTs)

Full Text of NIS 2 Directive

(Network and Information Security Directive)

NIS 2 Table of Contents

Chapter 1 (Art. 1 – 6) General provisions
Chapter 2 (Art. 7 – 13) Coordinated cybersecurity frameworks
Chapter 3 (Art. 14 – 19) Cooperation at union and international level
Chapter 4 (Art. 20 – 25) Cybersecurity risk-management measures and reporting obligations
Chapter 5 (Art. 26 – 28) Jurisdiction and registration
Chapter 6 (Art. 29 – 30) Information sharing
Chapter 7 (Art. 31 – 37) Supervision and enforcement
Chapter 8 (Art. 38 – 39) Delegated and implementing acts
Chapter 9 (Art. 40 – 46) Final provisions
Annexes (Anx. 1 – 3)

Source EUR-Lex: https://eur-lex.europa.eu/

NIS 2 Chapter 2 Article 10

Article 10 – Computer security incident response teams (CSIRTs)

Each Member State shall designate or establish one or more CSIRTs. The CSIRTs may be designated or established within a competent authority. The CSIRTs shall comply with the requirements set out in Article 11(1), shall cover at least the sectors, subsectors and types of entity referred to in Annexes I and II, and shall be responsible for incident handling in accordance with a well-defined process.
Member States shall ensure that each CSIRT has adequate resources to carry out effectively its tasks as set out in Article 11(3).
Member States shall ensure that each CSIRT has at its disposal an appropriate, secure, and resilient communication and information infrastructure through which to exchange information with essential and important entities and other relevant stakeholders. To that end, Member States shall ensure that each CSIRT contributes to the deployment of secure information-sharing tools.
The CSIRTs shall cooperate and, where appropriate, exchange relevant information in accordance with Article 29 with sectoral or cross-sectoral communities of essential and important entities.
The CSIRTs shall participate in peer reviews organised in accordance with Article 19.
Member States shall ensure the effective, efficient and secure cooperation of their CSIRTs in the CSIRTs network.
The CSIRTs may establish cooperation relationships with third countries’ national computer security incident response teams. As part of such cooperation relationships, Member States shall facilitate effective, efficient and secure information exch