The Proposal for a revised Network and Information Systems Directive (NIS 2.0 Proposal) encourages Member States to implement a single entry point for all notifications required under the NIS Directive and also under other Union law such as the GDPR and ePrivacy Directive. This panel discusses the organisational and legal requirements for such a “112” single cybersecurity emergency number solution, and whether further harmonization of the various reporting obligations is necessary.
• Is there a necessity to simplify security incident reporting?
• Considering a single cybersecurity emergency number solution, does this require streamlining reporting timeframes and content?
• Do factors such as different protection goals and levels inhibit streamlining?
• Is there a real risk of overreporting in light of the envisaged obligation to report cyber threats and incidents that have the potential to cause harm?