The NIS Cooperation Group has published six working documents, including some guidelines related to the implementation of the NIS Directive, the first piece of EU-wide legislation on cybersecurity, and documents addressing wider cybersecurity policy issues such as the cybersecurity of elections.

The majority of these working documents, assist in harmonising the implementation of the Directive on the Security of Network and Information systems (known as the NIS Directive) regarding the identification of companies (the so-called ‘Operators of Essential Services’) that will be subject to the Directive’s requirements and the notification of serious incidents to EU Member States.

In addition, the NIS Cooperation Group has delivered a compendium on how to protect the integrity of elections from a cybersecurity perspective and identified a common way to categorise causes and impact of large scale cybersecurity incidents (taxonomy). The common understanding of how to name and group incidents will contribute to the implementation of the European Commission Recommendation on coordinating response to large scale cybersecurity incidents and crises at all levels (strategic/political, operational and technical).

In February 2018 the NIS Cooperation Group had published two additional documents, the first focused on security measures for Operators of Essential Services and the second on incident notification for Operators for Essential Services. The latest working document of the NIS Cooperation Group is entitled "Guidelines on cross-border dependencies" and aims at helping EU Member States to gather information and map their cross-border dependencies and risks related to those dependencies which can eventually help them in applying nationally the necessary risk mitigation measures.

The NIS Cooperation Group started working on the above mentioned documents in early 2018, as part of its first biennial Work Programme (2018-2020) adopted in February 2018. All Group members worked towards the development of deliverables by pulling together relevant experiences in the field of cybersecurity and contributing to the identification of guidance and best practices. The constructive dialogue and cooperation led to the endorsement of deliverables in July 2018.

The NIS Cooperation Group was established by the NIS Directive and started its work in February 2017. It is composed by representatives of EU Member States national cybersecurity authorities, the European Commission and the European Union Agency for Network and Information Security (ENISA). It facilitates the dialogue between different bodies responsible for cybersecurity in the EU. The NIS Cooperation Group is the EU's forum where common cybersecurity challenges are discussed and coordination on cybersecurity policy measures is happening.

Published documents

Compendium on cyber security of election technology

Cybersecurity incident taxonomy

Guidelines on notification of Operators of Essential Services incidents (formats and procedures)

Guidelines on notification of Digital Service Providers incidents (formats and procedures)

Reference document on the identification of Operators of Essential Services (modalities of the consultation process in cases with cross-border impact)

Guidelines on cross-border dependencies