Awareness Training - Save 60% on Yearly Plan.
Prices
Book Demo

Article 13

Cooperation at national level

1.   Where they are separate, the competent authorities, the single point of contact and the CSIRTs of the same Member State shall cooperate with each other with regard to the fulfilment of the obligations laid down in this Directive.

2.   Member States shall ensure that their CSIRTs or, where applicable, their competent authorities, receive notifications of significant incidents pursuant to Article 23, and incidents, cyber threats and near misses pursuant to Article 30.

3.   Member States shall ensure that their CSIRTs or, where applicable, their competent authorities inform their single points of contact of notifications of incidents, cyber threats and near misses submitted pursuant to this Directive.

4.   In order to ensure that the tasks and obligations of the competent authorities, the single points of contact and the CSIRTs are carried out effectively, Member States shall, to the extent possible, ensure appropriate cooperation between those bodies and law enforcement authorities, data protection authorities, the national authorities under Regulations (EC) No 300/2008 and (EU) 2018/1139, the supervisory bodies under Regulation (EU) No 910/2014, the competent authorities under Regulation (EU) 2022/2554, the national regulatory authorities under Directive (EU) 2018/1972, the competent authorities under Directive (EU) 2022/2557, as well as the competent authorities under other sector-specific Union legal acts, within that Member State.

5.   Member States shall ensure that their competent authorities under this Directive and their competent authorities under Directive (EU) 2022/2557 cooperate and exchange information on a regular basis with regard to the identification of critical entities, on risks, cyber threats, and incidents as well as on non-cyber risks, threats and incidents affecting entities identified as critical entities under Directive (EU) 2022/2557, and the measures taken in response to such risks, threats and incidents. Member States shall also ensure that their competent authorities under this Directive and their competent authorities under Regulation (EU) No 910/2014, Regulation (EU) 2022/2554 and Directive (EU) 2018/1972 exchange relevant information on a regular basis, including with regard to relevant incidents and cyber threats.

6.   Member States shall simplify the reporting through technical means for notifications referred to in Articles 23 and 30.

Frequently Asked Questions

National authorities, single points of contact, and cybersecurity response teams (CSIRTs) must cooperate closely to quickly identify, report, and effectively handle serious cybersecurity incidents, threats, and near misses; this teamwork helps to streamline their response efforts, improve cybersecurity across the country, and protect important services and critical infrastructure from cyber harm.
Under NIS2, Member States should establish straightforward methods to make reporting cybersecurity incidents simpler; this helps organizations easily and promptly report significant cybersecurity breaches, threats, or off-target attacks (near misses), allowing authorities to act quickly, better manage cyber threats, and protect everyone’s online safety and security.
Cybersecurity teams (CSIRTs) or relevant national authorities must receive clear notifications whenever significant cybersecurity incidents, threats, or near misses occur, ensuring they have the latest, accurate information required to coordinate responses, alert stakeholders, and strengthen cybersecurity protections to prevent further damage to important networks and systems in the future.
Under NIS2, cybersecurity teams and competent authorities work alongside law enforcement, data protection regulators, and other relevant sector-focused authorities, sharing important information to better understand and respond to cyber and non-cyber incidents, risks, and threats, thus strengthening national security and ensuring more coordinated protection of critical services and infrastructures.

NIS2 Training

Start Training

Book Demo

We will get back to you via email as soon as possible.