These 3 questions must be answered within the scope of the obligation to report an IT security incident!

The effects of an IT security incident have a serious impact on the functionality of the affected company and – in the case of a supply chain attack – also critical effects on its customers and/or subcontractors. If companies in critical infrastructures (CRITIS) are affected, their failure or impairment can, in the worst case, lead to lasting supply bottlenecks, disruptions to public safety or other significant consequences.

Is your company affected by an IT security incident? Then immediate action is necessary, which includes not only technical and organisational tasks – it also includes, among other things, complying with and communicating reporting obligations.

But how exactly is your reporting obligation defined?

Basically, the reporting obligation is based on three important questions:

  • What must be reported?
  • When must a malfunction be reported?
  • Who must report a malfunction?

Our cyber defence consultants have the answers in their article: Reporting obligations in the event of an IT security incident at a glance! 

Share post on:

XING
Twitter
LinkedIn

Svenja Koch • Autor

Senior Marketing Manager

Svenja Koch is Senior Marketing Manager at SECUINFRA. Here, she is responsible for the conception and publication of press articles, blog and news contributions, among other things.

> all articles
Cookie Consent with Real Cookie Banner