
3.5 Incident response

3.5.1. The relevant entities shall respond to incidents in accordance with documented procedures and in a timely manner.

3.5.2. The incident response procedures shall include the following stages:

(a) incident containment, to prevent the consequences of the incident from spreading;
(b) eradication, to prevent the incident from continuing or reappearing;
(c) recovery from the incident, where necessary.

3.5.3. The relevant entities shall establish communication plans and procedures:

(a) with the Computer Security Incident Response Teams (CSIRTs) or, where applicable, the competent authorities, related to incident notification;
(b) with relevant internal and external stakeholders.

3.5.4. The relevant entities shall log incident response activities, and record evidence.

3.5.5. The relevant entities shall test at planned intervals their incident response procedures.

As of: 27.06.2024
