What is the PNRISC platform and how was it updated?

PNRISC (pnrisc.dnsc.ro) is Romania's National Cybersecurity Incident Reporting Platform. On April 28, 2026, DNSC simplified the reporting flow with a more intuitive interface for citizens and NIS2 entities.

What is the DNSC Blacklist and how can I use it?

The DNSC Blacklist (pnrisc.dnsc.ro/blacklist) is a public database of domains involved in fraudulent activities, validated by DNSC experts. Anyone can check whether a domain is considered risky.

What is the DNSC Blacklist Protection browser extension?

It is a browser extension developed by DNSC, available for Chrome, Edge, Brave, Opera, and Firefox. It uses local filtering and warns users before accessing domains listed in the Blacklist.

DNSC Blacklist and PNRISC incident reporting 2026

DNSC simplifies cybersecurity incident reporting

On April 28, 2026, Romania's National Directorate for Cybersecurity (DNSC) launched two major updates to the national cybersecurity infrastructure: a public Blacklist platform and a simplified incident reporting flow within the National Cybersecurity Incident Reporting Platform (PNRISC).

These changes directly affect organizations classified as essential or important entities under OUG 155/2024, which transposes the NIS2 Directive into Romanian law.

What changed in PNRISC

PNRISC (pnrisc.dnsc.ro) is the official platform through which organizations report cybersecurity incidents to DNSC. The previous reporting process was considered complex and unintuitive by many organizations.

The new version brings:

Simplified reporting flow - redesigned interface for a faster and clearer process
Support for citizens and NIS2 entities - the same platform serves both individual reports and mandatory NIS2 notifications
Step-by-step guidance - forms are structured to reduce completion errors

Why this matters for NIS2 entities

Under OUG 155/2024 and DNSC Order No. 1/2025, essential and important entities have the following reporting obligations:

Early warning: 24 hours from incident detection
Full notification: 72 hours with technical details
Final report: 30 days with complete analysis and corrective measures

The simplified platform reduces the time needed to complete forms, which is critical when you have a 24-hour deadline.

Public Blacklist platform

The second update is the launch of a public Blacklist platform, accessible at pnrisc.dnsc.ro/blacklist. It contains domains involved in fraudulent activities, identified through proactive measures and reports validated by DNSC technical experts.

How it works

Validated domains - each domain undergoes technical analysis before being listed
Continuous updates - the list is updated as new domains are identified and validated
Public access - anyone can check whether a domain is considered risky
Community reporting - citizens can report suspicious domains, which are then analyzed by DNSC

Browser extension: DNSC Blacklist Protection

For additional protection, DNSC developed the "DNSC Blacklist Protection" extension, available for:

Chromium browsers (Chrome, Edge, Brave, Opera)
Mozilla Firefox (desktop and Android)

The extension uses local filtering by default, meaning it does not send data about your browsing to an external server. Only when it detects high-risk activity does it activate real-time queries to the DNSC server for verification.

This approach balances protection with privacy - an important consideration for organizations handling sensitive data.

How to use these tools in your NIS2 process

1. Install the Blacklist Protection extension

We recommend installing the extension on all workstations in your organization, especially for security and IT teams. The extension helps prevent access to fraudulent domains, reducing the risk of incidents that would require reporting.

2. Check suppliers in the Blacklist

Before contracting a new supplier or partner, checking their domain in the DNSC Blacklist can be an additional step in your supply chain security due diligence - an explicit NIS2 requirement.

3. Prepare the reporting process

Familiarize yourself with the new PNRISC interface before you need it. When an incident occurs, the last thing you want is to learn how to use the platform under the pressure of a 24-hour deadline.

4. Integrate into internal procedures

Update your organization's incident response procedure to reflect the new PNRISC flow. Document exact steps: who reports, what information is needed, how to complete the form.

The bigger picture: DNSC activates NIS2 implementation

The updated PNRISC and Blacklist launch follows a series of DNSC actions over the past year:

August 2025: DNSC Orders No. 1/2025 and No. 2/2025 entered into force, establishing registration obligations and risk assessment methodology
November 2025: DNSC Order No. 3/2025 regulated compliance surveillance and control
January-March 2026: National series of NIS2 workshops in Cluj-Napoca, Brasov, Bucharest, and Iasi
April 2026: Launch of simplified PNRISC and Blacklist platform

Each step demonstrates that DNSC is moving from the legislation phase to active implementation. Organizations that have not yet registered with DNSC risk fines of up to 10 million EUR (essential entities) or 7 million EUR (important entities).

How NIS2 Manager helps

NIS2 Manager simplifies the NIS2 compliance process through:

Structured gap analysis across 140 CyFunRO controls
Incident reporting with automatic deadline calculation (24h, 72h, 30 days) - integrated with the new PNRISC flow
Risk assessment following the methodology from DNSC Order No. 2/2025
Compliance dashboard showing your organization's status in real time

Start with the free eligibility calculator to check whether your organization falls under NIS2.

NIS2 Manager is a product of BetterQA, a software testing company with 50+ engineers and ISO 27001 certification.

DNSC launches Blacklist platform and simplifies cybersecurity incident reporting