# NIS Cybersecurity Incident Taxonomy The taxonomy is meant for large scale cybersecurity incidents, as mentioned in the Commission Recommendation of 13 September 2017, also known as the blueprint. It has two core parts: The nature of the incident, i.e. the underlying cause, that triggered the incident, and the impact of the incident, i.e. the impact on services, in which sector(s) of economy and society. The repository contains a [JSON file including the machine-parsable tags](machinetag.json) along with their human-readable description. The software can use both representation on the user-interface and store the tag as machine-parsable.