Recital 44
Directive on the security of network and information systems · UE 2022/2555
| (44) | The CSIRTs should have the ability, upon an essential or important entity’s request, to monitor the entity’s internet-facing assets, both on and off premises, in order to identify, understand and manage the entity’s overall organisational risks as regards newly identified supply chain compromises or critical vulnerabilities. The entity should be encouraged to communicate to the CSIRT whether it runs a privileged management interface, as this could affect the speed of undertaking mitigating actions. |