The NIS Directive Commentary has been updated with regard to Article 8. Articles 1, 3 and 7 NIS Directive foresee the adoption of a national framework by each Member State including a strategy on NIS security as well as regulatory measures covering OESs and DSPs. The envisaged increase of Member States’ capabilities further requires a corresponding institutional setting which is enshrined in Articles 8, 9 and 10 NIS Directive with the designation of a national competent authority (NCA), a single point of contact (SPOC) and at least one computer security incident response team (CSIRT). In that regard, Art. 8 NIS Directive requires each Member State to designate at least one national competent authority (NCA) responsible for fulfilling the tasks linked to the security of the NIS of operators of essential services and digital service providers under this Directive. Furthermore, each Member State is required to designate a national single point of contact (SPOC) in order to facilitate cross-border cooperation and communication and to enable effective implementation of the NIS Directive.