Operations

Cyber Incident Reporting

Report and coordinate cyber incidents with the National CERT under a single sovereign channel.

SLA

1 hour triage

TLP

TLP:Red (handled), public only after sanitization

Pricing

Free

Eligible

Govt · CI · Enterprise

Overview

Report and coordinate cyber incidents with the National CERT under a single sovereign channel.

Purpose

Provide a regulated, auditable channel to report cyber incidents to NCSA CERT, ensuring rapid triage, national correlation, and coordinated response across sectors.

Workflow — Interactive Timeline

Auto-play

Step 1

Submit report (web/API/hotline)

Owner: Reporter

Capture timeline, severity, impact, IOCs.

Requirements

Initial incident facts (who/what/when/impact)
Designated 24/7 incident contact
Approval to share IOCs with NCSA partners (optional)

Required documents

Initial incident report
Indicators of compromise (CSV/STIX)
System inventory snapshot
Containment authorization

FAQs

Yes for Critical Information Infrastructure within 1 hour of detection.

Cyber Incident Reporting

Overview

Workflow — Interactive Timeline

Requirements

Required documents

FAQs

Is reporting mandatory?

Will my report be shared publicly?

Can I report via API?

What about legal liability?