1. Why must major incidents be reported to the Sectoral Team for Cybersecurity?

The Act of 5 July 2018 on the national cybersecurity system requires operators of essential services to report major incidents to the Sectoral Team for Cybersecurity.

2. What is a major incident?

A major incident is an incident which deteriorates or may seriously deteriorate the quality, and/or disrupt the continuity, of the essential service. The criteria for classifying an incident as serious are listed in the Regulation of the Council of Ministers of 31 October 2018 on the thresholds to be used to treat an incident as a serious incident.

3. What is the time limit for reporting a major incident?

A major incident must be reported immediately, not later than within 24 hours of its detection.

4. How to report a major incident to the Sectoral Team for Cybersecurity?

A filled-out major incident report form (PDF file) must be sent to: csirt@knf.gov.pl

To maintain confidentiality of data transmitted in e-mail communication with the Sectoral Team for Cybersecurity, e-mail messages need to be encrypted. The PGP public key of the Team is available in the PGP Key tab.