The CERT-EE incident handling unit of the Information System Authority (RIA) has updated the form for reporting cyber incidents to make the process quicker and more convenient.
According to the Cybersecurity Act, state institutions, local governments, vital and critical service providers, and digital service providers such as online store operators have an obligation to notify the RIA of a major cyber incident immediately, or within 24 hours of being made aware of the incident at the latest, the RIA said.
Whether it is a major cyber incident or a service provider operating under law, CERT-EE also extensively analyzes more basic cyber incidents, regardless of whether it is a private individual, a company or a state institution that has notified the authority of the incident. The more cyber incidents are reported, the better CERT-EE's overview of incidents will be, and the authority will be able to assist in resolving the incident.
In order to make reporting cyber incidents faster and more convenient, CERT-EE has updated the reporting form. The goal of the update is to avoid burdening the notifying individual with questions that are unlikely to have answers at the time of the incident or that can only be answered in very specific cases.
On the new reporting form, the individual filing the report only has to answer basic questions that will provide CERT-EE with an overview of what has happened. If necessary, CERT-EE can follow up with the notifying individual to seek answers to more specific questions.
In accordance with user feedback, functionality has been added to the reporting form allowing the filled-in form to be downloaded as a PDF and used within one's own organization.
Altogether 17,000 incidents were reported to CERT-EE last year, 6,000 more than in 2017. Approximately 3,400 cyber incidents impacting systems or data were registered, as were some 100 high-priority incidents.
Editor: Aili Vahtla