EU DORA Major ICT-Related Incident Report

Detects DORA Article 19 major ICT-related incident reports — the initial notification, intermediate report, and final report submitted to the competent authority under Delegated Regulation (EU) 2025/301 and Implementing Regulation (EU) 2025/302 — and voluntary notifications of significant cyber threats. These reports detail live vulnerabilities, affected services, and root causes; premature disclosure aids attackers and can move markets.

Type
keyword_proximity
Engine
universal
Confidence
medium
Confidence justification
Medium confidence: honest topic matcher. 'Major ICT-related incident' and 'significant cyber threat' are DORA Article 19 terms of art rarely used outside the regulation's orbit, and the 85 tier additionally requires reporting-stage vocabulary (initial notification, intermediate report, final report, incident reference code, root cause analysis). News coverage and consultancy explainers about DORA incident reporting share this vocabulary and are suppressed only by noise exclusions.
Jurisdictions
eu
Regulations
Regulation (EU) 2022/2554 (DORA), Delegated Regulation (EU) 2025/301, Implementing Regulation (EU) 2025/302
Frameworks
ISO 27001
Data categories
financial, security, governance
Scope
wide
Risk rating
8

Pattern

(?i)\b(?:major\s+ICT[\s-]related\s+incident|significant\s+cyber\s+threat)\b

Corroborative evidence keywords

major ICT-related incident, significant cyber threat, initial notification, intermediate report, final report, root cause analysis, incident reference code, competent authority, Regulation (EU) 2022/2554, DORA, classified as major, financial entity, services affected, board, committee, governance, compliance, fiduciary, oversight, charter (+8 more)

Proximity: 300 characters

Should match

Should not match

Known false positives

References