FantasticSearch

1. In acting as a cybersecurity information exchange and incident response coordination hub, CERT-EU shall facilitate information exchange with regards to incidents, cyber threats, vulnerabilities and near misses among:

(a) Union entities;

(b) the counterparts referred to in Articles 17 and 18.

2. CERT-EU, where relevant in close cooperation with ENISA, shall facilitate coordination among Union entities on incident response, including:

(a) contribution to consistent external communication;

(b) mutual support, such as sharing information relevant to Union entities, or providing assistance, where relevant directly on site;

(c) optimal use of operational resources;

(d) coordination with other crisis response mechanisms at Union level.

3. CERT-EU, in close cooperation with ENISA, shall support Union entities regarding situational awareness of incidents, cyber threats, vulnerabilities and near misses as well as sharing relevant developments in the field of cybersecurity.

4. By 8 January 2025, the IICB shall, on the basis of a proposal by CERT-EU, adopt guidelines or recommendations on incident response coordination and cooperation for significant incidents. Where the criminal nature of an incident is suspected, CERT-EU shall advise on how to report the incident to law enforcement authorities, without undue delay.

5. Following a specific request from a Member State and with the approval of the Union entities concerned, CERT-EU may call on experts from the list referred to in Article 23(4), for contributing to the response to a major incident which has an impact in that Member State, or a large-scale cybersecurity incident in accordance with Article 15(3), point (g), of Directive (EU) 2022/2555. Specific rules on access to and the use of technical experts from Union entities shall be approved by the IICB on the basis of a proposal by CERT-EU.