Cybersecurity Incidents Reporting
is according to the Act obliged to report every significant cybersecurity incident which is identified on the basis of the excess of criteria for each category of significant cybersecurity incident. Incidents are divided into the category of 1st, 2nd and 3rd grade depending on
|
|
|
|
|
is according to the Act obliged to report every cybersecurity incident, if they have information relevant to identify significant impact of a cybersecurity incident immediately after finding it out.
Moreover, providers are obliged to resolve the reported cybersecurity incident and to cooperate with the Authority on its solution. At the same time they are obliged to report every significant cybersecurity incident they were affected with if their services are used by a provider of essential service.
If since reporting cybersecurity incident its effects did not pass over, the operator of essential service or provider of digital service is obliged to send incomplete report on cybersecurity incident in which they mark an identifier of incomplete report, and immediately after the recovery of normal operation of the network and information system they send completed report.
The report of cybersecurity incidents is carried out through the Cybersecurity Single Information System. The Authority may also conclude a written agreement with an operator of essential service or a provider of digital service on the means and form of cybersecurity incident reporting.
Voluntary incident reports are also carried out through the Cybersecurity Single Information System, regardless of the category of cybersecurity incident. The Authority process and analyse them in the scope allowed by technical conditions and capacity in the way without disproportionate burden of subjects and the limitation of international cooperation.