NIS2. Response. Continuity.

Outsourced CSIRT: your contact point for incident management

The NIS2 Directive requires an operational and reachable CSIRT (Computer Security Incident Response Team) contact point for incident management and mandatory notifications to the ACN (Italian National Cybersecurity Agency). AtWorkStudio provides a dedicated outsourced CSIRT contact point, backed by ISO/IEC 27001, 27017, 27018 and ISO 9001 certified competencies, to ensure compliance and business continuity.

Request the CSIRT serviceSee what's included
Free online assessment

Is your company ready for NIS2?

Find out in 15 minutes with our assessment based on the NIST Cybersecurity Framework 2.0, the international standard for cyber risk management.

106 questions · Instant report · No commitment

Start the free assessment
What the service includes

A complete CSIRT contact point, ready from day one

Our outsourced CSIRT service covers all obligations required by the NIS2 Directive (Directive (EU) 2022/2555) for security incident management. We act as the single point of contact with ACN/CSIRT Italia and as an extension of your IT team.

Dedicated CSIRT contact point

A designated professional acting as point of contact for incident management and mandatory communications with ACN/CSIRT Italia. Available, trained and operational.

Incident notification

Complete management of mandatory notifications: pre-notification within 24 hours, formal notification within 72 hours and final report within 1 month of the incident. No deadlines missed.

Monitoring and triage

Continuous monitoring of security events, incident classification by severity and activation of the appropriate response level according to documented procedures.

Coordination during incidents

During an incident, we work alongside your IT team to contain the threat, restore systems and produce the documentation required by the regulation.

Documentation and reporting

Periodic reports on security posture, audit-ready documentation for compliance reviews and full traceability of every activity performed.

Training and simulations

Tabletop exercises, incident simulations and staff training to improve organisational preparedness and reduce response times.
Why outsource

Why entrust the CSIRT to a specialised partner

Building an internal CSIRT team requires highly specialised skills, dedicated tools and round-the-clock availability. Outsourcing delivers immediate NIS2 compliance with predictable costs and certified competencies.

Certified expertise

Our management system is certified ISO/IEC 27001, 27017, 27018 and ISO 9001. We are members of Clusit (Italian Association for Information Security) and Confindustria Piacenza.

Continuous coverage

No need to build an internal incident response team: our CSIRT contact point is operational and available, with established procedures and professional tools already in place.

Immediate NIS2 compliance

From day one you have a CSIRT contact point compliant with NIS2 requirements, with proven notification processes and documentation ready for ACN audits.

Frequently asked questions about outsourced CSIRT

Answers to the most common questions about the outsourced CSIRT contact point service for NIS2 compliance.

NIS2 compliance without compromise: your CSIRT, managed by us

Contact us to activate the outsourced CSIRT contact point service. We guarantee NIS2 compliance from day one, with certified expertise and continuous coverage.

Contact usOur Cybersecurity services