Nev. Admin. Code § 480.240 - Political subdivision required to report certain types of cybersecurity incidents; contents of report
1. A political
subdivision shall report to the Office within 1 business day after a known or
suspected incident that is:
(a) A data
breach;
(b) A distributed denial of
service incident;
(c) A ransomware
incident; or
(d) Any other incident
that disrupts the delivery of essential services for more than 1 business day
or directly affects life or property.
2. The report submitted pursuant to
subsection 1 must contain information on:
(a)
The date and time of the incident;
(b) The type of incident;
(c) The type of information system or data
affected by the incident;
(d) The
known and projected impact of the incident to the political
subdivision;
(e) Whether law
enforcement, a regulatory body or an external entity that could be affected by
an incident have been notified of the incident, if applicable; and
(f) Any additional resources that are needed
by the political subdivision to respond to the incident, if
applicable.
Notes
NRS 480.935, 480.950
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
No prior version found.