Nev. Admin. Code § 480.240

Current through November 8, 2024
Section 480.240 - Political subdivision required to report certain types of cybersecurity incidents; contents of report
1. A political subdivision shall report to the Office within 1 business day after a known or suspected incident that is:
(a) A data breach;
(b) A distributed denial of service incident;
(c) A ransomware incident; or
(d) Any other incident that disrupts the delivery of essential services for more than 1 business day or directly affects life or property.
2. The report submitted pursuant to subsection 1 must contain information on:
(a) The date and time of the incident;
(b) The type of incident;
(c) The type of information system or data affected by the incident;
(d) The known and projected impact of the incident to the political subdivision;
(e) Whether law enforcement, a regulatory body or an external entity that could be affected by an incident have been notified of the incident, if applicable; and
(f) Any additional resources that are needed by the political subdivision to respond to the incident, if applicable.

Nev. Admin. Code § 480.240

Added to NAC by Office of Cyber Defense Coord. by R088-19, eff. 12/29/2020

NRS 480.935, 480.950