NIS2 requires you to report significant incidents in stages: an early warning within 24 hours and full notification within 72 hours. But the clock only starts when you detect the incident β and that's where most fail.
Run a free domain scan All checks βWe help you understand what triggers NIS2's reporting duty, the time stages (24h early warning, 72h notification, final report within a month), and β most importantly β the technical ability to detect an incident in time so the deadlines are actually achievable.
The reporting duty is one of NIS2's most concrete and sanctioned parts. But a 24-hour deadline is meaningless if you detect the breach after three weeks. The core is detection capability: continuous monitoring of exposure, vulnerabilities and anomalies.
What counts as an incident under NIS2?
An incident with a significant impact on the provision of your services. The threshold depends on sector and effect β we help you set a practical line.
When does the 24-hour deadline start?
When you become aware of the incident. That's why detection capability is decisive β without it you can miss the deadline without even knowing.
Do you report on our behalf?
No β you notify the supervisory authority/CSIRT. We provide the technical capability and evidence that make it possible in time.
Run a free scan or order a full Security Assessment β prioritised, not noise.
Run a free domain scan