Since significant cyber threatsa cyber threat the technical characteristics of which indicate that it could have the potential to result in a major ICT-related incident or a major operational or security payment-related incident are to be reported on a voluntary basis, the requested information should not pose burden to financial entitiesas defined in Article 2, points (a) to (t) to obtain and should be more limited than the information requested for major incidents.