CSIRT

NIS2 Point of Contact and CSIRT Contact Role: Accountability and Operating Duties

NIS2 implementation guidance distinguishes the legal Point of Contact from the operational CSIRT contact role. Practical guide to role formalization,…

NIS2 Significant Incident IS-3: Violation of Expected Service Levels

IS-3 in the ACN baseline model covers service-level violation incidents affecting entity services and activities. Practical guide to qualification, s…

NIS2 Significant Incident IS-2: Integrity Loss Affecting Digital Data

IS-2 in the ACN baseline model covers integrity loss affecting digital data under entity ownership or control. Practical guide to qualification, evid…

NIS2 Significant Incident IS-1: Confidentiality Loss Affecting Digital Data

IS-1 in the ACN baseline model covers confidentiality loss affecting digital data under entity ownership or control. Practical guide to qualification…

NIS2 Incident Typology Model: Condition, Compromise, and Affected Object

ACN baseline guidance classifies significant incidents through condition, compromise, and object of compromise. Practical guide to using the typology…

NIS2 incident-notification obligations are live: operating model after the 9-month deadline

The NIS2 9-month incident-notification deadline passed in January 2026. This guide provides the post-deadline operating model: governance confirmatio…

NIS2 Response Controls (RS): Containment and Eradication in Incident Handling

Containment and eradication are iterative response steps that limit damage and remove attacker persistence. Practical guide to strategy selection, ev…

NIS2 Response Controls (RS): Signaling and Investigation Operating Model

The NIS2 Response (RS) domain requires structured incident response through signaling, investigation, and iterative decision loops. Practical guide t…

NIS2 Detection Controls (DE): Event Monitoring and Adversarial Signal Handling

The NIS2 Detection (DE) domain requires monitoring networks, services, and endpoints to identify adverse events early. Practical guide to log readine…

DORA Implementation in Italy: A New Era for Financial Cyber Resilience

Italy transposes the EU's Digital Operational Resilience Act (DORA) with new obligations for financial institutions on ICT risk, incident response, a…

The EU Cyber Solidarity Act: A New Pillar of Collective Resilience

The EU Cyber Solidarity Act introduces coordinated mechanisms and shared capabilities to improve threat detection, incident response, and strategic r…

Cyber Threats in Italy – ACN Operational Summary, April 2025

The ACN's April 2025 Operational Summary highlights a rise in ransomware and DDoS attacks in Italy, with key sectors like telecoms and public adminis…