The present report provides anonymised and aggregated information about major telecom security incidents that happened in 2022.
Error message
Warning: Undefined variable $state_label in enisaweb_preprocess_node() (line 422 of /var/www/html/lib/themes/enisaweb/enisaweb.theme).Incident reporting is essential for understanding and analysing the EU cybersecurity threat landscape.
A cornerstone of European Union cybersecurity legislation is the reporting of cybersecurity incidents, addressed by several distinct laws within the EU. In 2018, the EU Directive on Security of Network and Information Systems (called the NIS Directive) came into force, introducing notification rules for cybersecurity incidents for operators of essential services in a wide range of critical sectors, such as energy, transport, finance and health.
The NIS2 Directive is a continuation and a consolidation of the NIS1 approach in relation to incident reporting. Asset owners and operators will need take appropriate security measures and notify incidents to the relevant national authority and/or to their national computer security incident response team (CSIRT) within 24 hours as an early warning and within 72 hours for a full incident notification. NIS2 also introduced an obligation for the competent authority or CSIRT to give initial feedback to the reporting entity without undue delay and where possible, within 24 hours. Specific rules on incident reporting are also detailed under the legislation regarding payment service providers, manufacturers of medical services and data controllers.
ENISA has been supporting the implementation of these specific sector legislations by developing procedures, templates, tooling and analysis regarding cybersecurity incidents, which are published through annual reports. Overall, incident reporting and cybersecurity threats are intrinsically connected as reporting enables the collection of critical data on threats, attacks, and vulnerabilities. Such information helps to identify trends and to enhance the overall understanding of the cybersecurity landscape. By systematically reporting incidents, organisations and authorities can better anticipate emerging threats and strengthen resilience against future attacks.
Further information on ENISA’s flagship work regarding the current status of the cybersecurity threat landscape and emerging threats can be found under the ‘Cyber Threats’ section. ENISA publishes anonymised and aggregated data deriving from the reporting of security incidents under the Cybersecurity Incident Report and Analysis System (CIRAS) that depicts the overall EU situation into statistics.
Related content
Trust Services Security Incidents 2022
This report, the Annual Report Trust Services Security Incidents 2022, provides an aggregated overview of the notified breaches for 2022, analysing root causes, statistics and trends.
NIS Investments Report 2023
This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in the E
Good Practices for Supply Chain Cybersecurity
The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among organisat