Incident notification by telecom operators

Security incident involving no personal data breach

Telecom operators shall inform the BIPT of security incidents reaching one or more of the thresholds below:

  • The incident has been lasting for at least 1 hour and is affecting at least 25,000 end-users;
  • The incident has an impact on the network and is affecting access to emergency services via this network;
  • The incident has an impact on the interconnections located in Belgium, thus affecting other operators in Belgium or abroad;
  • The incident has an impact on a network component considered by the operator as critical for the operation of its networks and services.

Notification requirements:

  • Operators submit without delay a brief notification over the nature and impact of the incident by e-mail or by telephone (points of contact of the duty office);
  • And, within 5 workdays, they send a full notification via the form available on the unified notification platform.

For more information, see the Decision of 14 December 2017.

Security incident involving a personal data breach

The notification must be made on the website of the Belgian data protection authority, which then transfers the notification to the BIPT. 

Notification of security incidents referred to in the NIS Act by the entities of the digital infrastructure sector

The digital infrastructure sector includes the following entities:

  • Internet exchange points (IXPs); 
  • DNS service providers; 
  • Registers of top-level domain names.

The entities of the digital infrastructure sector designated by the BIPT as operators of essential services (OES) report their security incidents via the unified notification platform.

The entities operating in the digital infrastructure sector in Belgium which have not been designated by the BIPT as operators of essential services (OES) may report, on a voluntary basis, incidents with a significant impact on the continuity of the services they provide. They send their notifications to the CCB (Centre for Cybersecurity Belgium) in accordance with the procedures set out on the website of Cert.be (department of the CCB). The CCB will transfer this information regarding these notifications to the Crisis Centre of the government and the BIPT.

Telecom operators: handling of requests from the judicial authorities, the intelligence and security services and the emergency services providing on-site assistance

Telecom operators must establish a coordination cell to respond to information requests from judicial authorities and the intelligence and security services. This cell should be accessible 24/7. Each telecom operator must enter and update the contact details of its cell in the unified notification platform. Each member of this cell must have a positive security advice.
Telecom operators are requested to submit and update on the unified notification platform the contact details of their employees who are able to handle the requests made by emergency services providing on-site assistance. These requests may arise in case of difficult identification or localisation of the caller.

The BIPT duty service and the management of major incidents and crises

The BIPT handles security incidents via its duty team created within the Network Security Department, available 24/7.

The operators (telecom operators and operators of essential services within the meaning of the NIS Act) and the public authorities concerned may contact the duty service. They have received its contact details, which are also available on the unified notification platform.

The BIPT ensures that operators implement (preventive) measures to ensure, in the event of a crisis or major incident originating or not in the information networks and systems of these operators, the service continuity of the latter, continued access to emergency services and the continuity of the public warning system (see section “Access to emergency services and public warning system”). It also participates in the management of these crises and major incidents.

Questions?

If you have any questions (also in case of a problem of access to one of the websites above), please contact the Network Security Department at +32 (0)2 226 89 77 or by e-mail.

Back to top