Cyber Security Practitioner
Back to Contents

Volume: 3 Issue: 3
(March 2017)

Keywords:
enis releases incident notification guide dsps enis published 27 february 2017 preliminary guidelines digital service providers (‘dsps intended support implementation

Options:
Share This Page



ENISA releases incident notification guide for DSPs

ENISA published on 27 February 2017 preliminary guidelines for digital service providers (‘DSPs’) intended to support the implementation of the incident notification obligation of the Network and Information Security Directive (‘NIS Directive’).

The guidelines build on the work of Member States and businesses in incident identification, parameters and thresholds, and expand on the NIS Directive’s requirement for DSPs other than small/micro enterprises to notify ‘without undue delay’ any ‘incidents’ - events having an actual adverse effect on a network and information system - which have a ‘substantial impact’ on a DSP service offered in the EU. “As ENISA notes, in determining what is a ‘substantial impact’ the NIS Directive mentions ‘just five indicators to be used’ without providing details; as it provides ‘only a sketchy description’ of ‘incident notification concepts and the overall process,’ ENISA wanted to develop guidelines for all stakeholders, including authorities, to support implementation of the NIS Directive’s DSP incident notification obligation,” explains Dr Kuan Hon, Consultant Lawyer at Pinsent Masons LLP.  

“ENISA’s guidelines rightly recognise that different types of DSPs have very different functions, businesses and customers, and ENISA provides some helpful recommendations on how to approach the different criteria in these different subsectors, which DSPs should note,” adds Dr Hon.

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed