{"id":1,"date":"2026-01-28T14:25:16","date_gmt":"2026-01-28T14:25:16","guid":{"rendered":"https:\/\/virgilia.ch\/?p=1"},"modified":"2026-02-18T18:27:10","modified_gmt":"2026-02-18T18:27:10","slug":"incident-management","status":"publish","type":"post","link":"https:\/\/virgilia.ch\/en\/incident-management\/","title":{"rendered":"Incident Management and the NIS2 Directive: why speed of response and ACN notification define business resilience"},"content":{"rendered":"<p id=\"block-Gl4UWb3aPE\" class=\"wp-block-nectar-blocks-text nectar-blocks-text\">Today, one of the postulates of Information Security is that it no longer makes sense to ask if an incident will happen, but when. When that time comes, the difference between a managed crisis and a corporate disaster lies in the quality of the internal Incident Management processes that must have been defined, formalised and tested before the fateful moment. With the entry into force of the new rules on Incident Reporting imposed by the NIS2 Directive, speed is no longer just a technical necessity, but an imperative legal obligation.<\/p>\n\n\n\n<h4 id=\"block-D4XGG0BMQs\" class=\"wp-block-nectar-blocks-text nectar-blocks-text\">The weight of regulatory deadlines: The 24-hour factor<\/h4>\n\n\n\n<p id=\"block-JR0hAqw8M2\" class=\"wp-block-nectar-blocks-text nectar-blocks-text\">The ACN guidelines are clear: incidents with significant impact require initial notification within 24 hours. Within this timeframe, the team must:<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li>Identify the origin and scope of the\u2019<strong>Incident<\/strong>.<\/li>\n\n\n\n<li>Contain the threat to prevent further damage.<\/li>\n\n\n\n<li>Collect sufficient data for accurate classification.<\/li>\n\n\n\n<li>Compile and submit the necessary reports.<\/li>\n<\/ol>\n\n\n\n<p id=\"block-o2dQyVpoNF\" class=\"wp-block-nectar-blocks-text nectar-blocks-text\">Without a strong and well-functioning incident management process, the stress and confusion of the moment inevitably leads to these deadlines being exceeded, exposing the company to administrative and regulatory penalties.<\/p>\n\n\n\n<h4 id=\"block-ss7nPZ823t\" class=\"wp-block-nectar-blocks-text nectar-blocks-text\">Virgil.ia: Turning an emergency into an orderly process<\/h4>\n\n\n\n<p id=\"block-ukwmyEAdXb\" class=\"wp-block-nectar-blocks-text nectar-blocks-text\">The Virgil.ia Platform acts as a \u201ccontrol tower\u201d during an attack. It does not replace defence tools (such as EDR or SOC), but orchestrates them within a Compliance and Governance framework.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Assisted ACN Notification:<\/strong>\u00a0With in-depth knowledge of the Directive, the platform guides the user in compiling the notification reports, extracting the relevant technical data and formatting them according to the taxonomy required by the authority to ensure accuracy and regulatory compliance.\u00a0\u00a0<\/li>\n\n\n\n<li><strong>Post-Mortem Analysis and Improvement:<\/strong>\u00a0Once the\u2019<strong>Accident<\/strong>, Virgil.ia generates detailed reports for root cause analysis (<em>root cause analysis<\/em>). This makes it possible to update the\u00a0<strong>Risk<\/strong>\u00a0management and demonstrate to the\u00a0<strong>Auditor<\/strong>\u00a0that the company is able to learn from its mistakes, increasing long-term resilience.<\/li>\n<\/ul>\n\n\n\n<p id=\"block-tsT6OyxAsx\" class=\"wp-block-nectar-blocks-text nectar-blocks-text\"><\/p>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":31259,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_nectar_blocks_hide_post_title":false,"_nectar_blocks_transparent_header_effect":false,"_nectar_blocks_transparent_header_effect_color":"light","_nectar_blocks_header_animation":false,"_nectar_blocks_header_animation_delay":0,"_nectar_blocks_header_animation_effect":"fade","_nectar_blocks_page_css":"","_nectar_blocks_page_js":"","footnotes":""},"categories":[6],"tags":[],"class_list":{"0":"post-1","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-risk-management"},"_links":{"self":[{"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/posts\/1","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/comments?post=1"}],"version-history":[{"count":2,"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/posts\/1\/revisions"}],"predecessor-version":[{"id":31258,"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/posts\/1\/revisions\/31258"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/media\/31259"}],"wp:attachment":[{"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/media?parent=1"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/categories?post=1"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/virgilia.ch\/en\/wp-json\/wp\/v2\/tags?post=1"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}