External CSIRT Contact Point

24/7 Representative with CSIRT-IT for the notification of significant incidents. NIS2 obligation for essential and important entities.

The NIS2 Directive requires essential and important entities to appoint a CSIRT Contact Point: a qualified, available and operational professional capable of managing communications with CSIRT-IT within 24 hours of a significant incident. AptGetDefence delivers this service as a dedicated external function.

24h Early warning notification to CSIRT-IT
72h Formal incident notification
30d Final report to CSIRT-IT
H24 Contact point availability
01

You do not have a qualified internal resource

The NIS2 obligation requires a contact point with both technical and regulatory expertise. You do not have a suitable internal profile or do not want to overburden your IT team.

02

You need 24/7 coverage

Incidents do not respect business hours. The contact point must be reachable at any time, including weekends and public holidays.

03

You want a contact point already operational with CSIRT-IT

Our team has established communication channels with CSIRT-IT and is fully familiar with the notification procedures in detail.

04

You are completing your NIS2 compliance programme

You have already started or completed the gap assessment and need to activate the CSIRT Contact Point function to finalise your compliance.

What we do

  • Formal appointment of the CSIRT Contact Point (dedicated contract)
  • Priority 24/7 communication channel with your team
  • Coordination with CSIRT-IT in the event of a significant incident
  • Drafting and submission of NIS2 notifications (early warning, notification, final report)
  • Assessment of incident significance according to NIS2 criteria
  • Technical support during incident management
  • Updates on regulatory changes and CSIRT-IT guidelines

What you receive

  • External CSIRT Contact Point service contract
  • Formal appointment document for the contact point
  • Dedicated escalation channel (phone and certified email)
  • Pre-filled NIS2 notification templates
  • Log of all communications with CSIRT-IT
  • Quarterly report on incidents and near-misses
  • Periodic briefing on NIS2 regulatory developments
Soggetti Essenziali NIS2 Soggetti Importanti NIS2 IT Manager Compliance Officer
Must the CSIRT Contact Point be an internal employee?
No. The NIS2 regulation and CSIRT-IT guidelines allow the appointment of a qualified external contact point. This is particularly advantageous for organisations that lack sufficient internal expertise or prefer to outsource the function.
What constitutes a 'significant incident' under NIS2?
An incident is significant if it causes serious service disruption, significant financial losses, impact on other organisations or individuals, or involves critical infrastructure. Assessing significance is one of the key competencies of the CSIRT Contact Point.
Does the service include support during the incident?
The CSIRT Contact Point service covers coordination with CSIRT-IT and notification management. Technical support during the incident (DFIR, containment, remediation) is provided by our Blue Defence team and is available as an add-on or as part of the Spectre SOC Enterprise plan.

Activate the CSIRT Contact Point service

Contact us to receive the standard contract and activate coverage within 5 business days.