For the purpose of this comparison exercise, DHS and DG CONNECT identified six main areas for comparative analysis between the DHS Report and the NIS 2 Directive: (i) definitions and reporting thresholds, (ii) timelines, triggers and types of cyber incident reporting, (iii) contents of cyber incident reports, (iv) reporting mechanisms, (v) aggregation of incident data, and (vi) public disclosure of cyber incident information. Each of the six areas of comparative analysis includes a schematic comparison of the frameworks that adheres to the actual texts, followed by general conclusions on similarities and differences.
Downloads
Related content
Digibyte | 20 March 2024
The first step in this focused initiative includes an analysis of similarities and differences between the recommendations of the DHS Report on Harmonization of Cyber Incident Reporting to the Federal Government and the cybersecurity incident reporting framework under the NIS 2 Directive in the EU.