Nevada Administrative Code
Chapter 480 - Security of Information Systems
Section 480.240 - Political subdivision required to report certain types of cybersecurity incidents; contents of report
Universal Citation: NV Admin Code 480.240
Current through February 27, 2024
1. A political subdivision shall report to the Office within 1 business day after a known or suspected incident that is:
(a) A data
breach;
(b) A distributed denial of
service incident;
(c) A ransomware
incident; or
(d) Any other incident
that disrupts the delivery of essential services for more than 1 business day
or directly affects life or property.
2. The report submitted pursuant to subsection 1 must contain information on:
(a)
The date and time of the incident;
(b) The type of incident;
(c) The type of information system or data
affected by the incident;
(d) The
known and projected impact of the incident to the political
subdivision;
(e) Whether law
enforcement, a regulatory body or an external entity that could be affected by
an incident have been notified of the incident, if applicable; and
(f) Any additional resources that are needed
by the political subdivision to respond to the incident, if
applicable.
Added to NAC by Office of Cyber Defense Coord. by R088-19, eff. 12/29/2020
NRS 480.935, 480.950
Disclaimer: These regulations may not be the most recent version. Nevada may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
