Incident notification obligation according to the NIS Directive
The law of 7 April 2019 (the ‘NIS law’) states that the Operators of Essential Services (OES) and the Digital Service Providers (DSP) shall, amongst other things, notify any incident that have a significant impact on their networks and information systems or on the provision of their services.
This law transposes into Belgian law the Directive (EU) 2016/1148 of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (the ‘NIS Directive’). For more information about this law, see our previous news dedicated to it.
Notification procedure
Since July 18, such notification shall be made simultaneously to:
the Centre for Cybersecurity Belgium (CCB),
the Directorate-General Crisis Centre (DGCC) of the FPS Internal Affairs; and
the relevant sectoral authority (as identified in Annex 1 of the Royal Decree of 12 July 2019) or the sectoral CSIRT (Computer Security Incident Response Team).
Furthermore, this notification shall be made:
through a secure notification platform (accessible by Internet via a secure connection); and
by using the incident notification form established by the CCB.
This notification must contain all available information to determine the nature, causes, effects and consequences of the incident.
If the OES or DSP does not dispose of all the information contained in the form, it must complete the initial notification as soon as it is in possession of the missing information.
Finally, the CCB, the sectoral authority or its sectoral CSIRT or DGCC may request additional information from the OES or DSP on the notification(s) it has made.
See: Royal Decree of 12 July 2019 implementing the Act of 7 April 2019 establishing a framework for the security of networks and information systems of general interest for public security, as well as the Act of 1 July 2011 on security and critical infrastructure protection.
Notre conseil :
Your company is susceptible to being subject to the NIS law? Do not delay any longer to comply with it. If necessary, Lexing’s Creactivity department is naturally at your disposal to prepare you for incidents handling.
Le présent site Internet utilise des cookies. Certains cookies sont nécessaires au bon fonctionnement du site Internet et ne peuvent être refusés si vous souhaitez visiter ce site. D'autres cookies sont utilisés à des fins de lecture de vidéos et d'analyse : Politique de cookies. Vous pouvez tout à fait les refuser si vous le souhaitez. RejeterParamétrerACCEPTER TOUT
Les cookies nécessaires sont essentiels pour le bon fonctionnement du site Web. Cette catégorie ne comprend que les cookies qui assurent les fonctionnalités de base, la sécurité du site Internet, la gestion des langues, le téléchargement de documents et la consultation en ligne.
Cookie
Type
Durée
Description
_wpas_session
session
30 minutes
This cookie is used by Awesome Support (online consultation / SOS) to keep track of website state between page loads and to store temporary information essential to the website's ability to work properly.
More info: https://getawesomesupport.com/documentation/awesome-support/cookies/
cookielawinfo-checkbox-necessary
persistent
11 months
This cookie is set by GDPR Cookie Consent plugin. The purpose of this cookie is to check whether or not the user has given the consent to the usage of cookies under the category 'Necessary'.
cookielawinfo-checkbox-non-necessary
persistent
11 months
This cookie is set by GDPR Cookie Consent plugin. The purpose of this cookie is to check whether or not the user has given their consent to the usage of cookies under the category 'Non-Necessary'.
PHPSESSID
session
This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookie and is deleted when all the browser windows are closed.
pll_language
persistent
1 year
This cookie is set by Polylang and is used to remember the language selected by the user when he comes back to visit again the website. This cookie is also used to get the language information when not available in another way. Examples are ajax requests or the login page.
More info: https://polylang.pro/doc/is-polylang-compatible-with-the-eu-cookie-law/
viewed_cookie_policy
persistent
1 hour
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
This cookie is set by Wordpress and is used to store the authentication details on login. The authentication details include the username and double hashed copy of the password. However, this usage of the cookie is limited to the admin console area, the backend dashboard of the website.
Here [hash] represents the value that is obtained by applying a specific mathematical formula applied to the username and password. It is to ensure that the input values are safe, and no one can access these data using the cookies as it is difficult to ‘unhash’ the hashed data.
More info : https://wordpress.org/support/article/cookies/
wordpress_logged_in_[hash]
persistent
14 days
This cookie is set by Wordpress and is used to indicate when you are logged in, and who you are. This cookie is maintained on the front-end of the website as well when logged in.
More info: https://wordpress.org/support/article/cookies/
wordpress_test_cookie
session
This cookie is set by Wordpress and is used to store the authentication details on login. The authentication details include the username and double hashed copy of the password. However, this usage of the cookie is limited to the admin console area, the backend dashboard of the website.
Here [hash] represents the value that is obtained by applying a specific mathematical formula applied to the username and password. It is to ensure that the input values are safe, and no one can access these data using the cookies as it is difficult to ‘unhash’ the hashed data.
More info: https://wordpress.org/support/article/cookies/
This cookie is set by Wordpress and is used to customize the view of your admin interface and the front-end of the website. The value represented by [UID] is the individual user ID of the user as given to them in the users' database table.
More info: https://wordpress.org/support/article/cookies/
Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
More info: https://policies.google.com/technologies/types?hl=en