NIS2 Directive
Table of Contents
Chapter I – GENERAL PROVISIONS
Chapter II – COORDINATED CYBERSECURITY FRAMEWORKS
Chapter III – COOPERATION AT UNION AND INTERNATIONAL LEVEL
Chapter IV – CYBERSECURITY RISK-MANAGEMENT MEASURES AND REPORTING OBLIGATIONS
Chapter V – JURISDICTION AND REGISTRATION
Chapter VI – INFORMATION SHARING
Chapter VII – SUPERVISION AND ENFORCEMENT
Chapter VIII – DELEGATED AND IMPLEMENTING ACTS
Chapter IX – FINAL PROVISIONS
Recitals (144)
Annexes
Recital 41
(41) Member States should be adequately equipped, in terms of both technical and organisational capabilities, to prevent, detect, respond to and mitigate incidents and risks. Member States should therefore establish or designate one or more CSIRTs under this Directive and ensure that they have adequate resources and technical capabilities. The CSIRTs should comply with the requirements laid down in this Directive in order to guarantee effective and compatible capabilities to deal with incidents and risks and to ensure efficient cooperation at Union level. Member States should be able to designate existing computer emergency response teams (CERTs) as CSIRTs. In order to enhance the trust relationship between the entities and the CSIRTs, where a CSIRT is part of a competent authority, Member States should be able to consider functional separation between the operational tasks provided by the CSIRTs, in particular in relation to information sharing and assistance provided to the entities, and the supervisory activities of the competent authorities.