Tool
FIRST CSIRT Services Framework (Version 2.1)
Authors
Year
- 2019
Description
- The Computer Security Incident Response Team (CSIRT) Services Framework is a high-level document des…
FIRST CSIRT Services Framework (Version 2.1)
The Computer Security Incident Response Team (CSIRT) Services Framework is a high-level document describing in a structured way a collection of cyber security services and associated functions that Computer Security Incident Response Teams and other teams providing incident management related services may provide. The mission and purpose of the CSIRT […]
Publication
11 Strategies of A World-Class Cybersecurity Operations Center
Authors
Year
- 2022
Description
- This book presents an overview of how to organize and consider the many functions in cybersecurity o…
11 Strategies of A World-Class Cybersecurity Operations Center
This book presents an overview of how to organize and consider the many functions in cybersecurity operations centers (SOCs). It describes strategies that can be applied to SOCs of all sizes, from two people to large, multi-national centers with hundreds of people. It is intended for all cybersecurity operations center […]
Publication
SEI – Create a CSIRT
Authors
Year
- 2017
Description
- Keeping organizational information assets secure in today’s interconnected computing environme…
SEI – Create a CSIRT
Keeping organizational information assets secure in today’s interconnected computing environment is a true challenge that becomes more difficult with each new “e” product and each new intruder tool. Most organizations realize that there is no one solution or panacea for securing systems and data; instead a multi-layered security strategy is […]
Publication
Building a SOC: Start Small
Authors
Year
- 2017
Description
- Protecting and defending against digital attacks requires visibility and control of the digital infr…
Building a SOC: Start Small
Protecting and defending against digital attacks requires visibility and control of the digital infrastructure within your organisation and of all the events taking place within this. An increasingly common way to achieve this is to implement a Security Operations Centre (SOC). However, in order for a SOC to function successfully, […]
Publication
ITU cybersecurity programme: CIRT framework
Authors
Year
- 2021
Description
- This report sets out how to establish a national CIRT and outlines cooperation mechanisms at the reg…
ITU cybersecurity programme: CIRT framework
This report sets out how to establish a national CIRT and outlines cooperation mechanisms at the regional and international levels that identify, manage, and respond to cyberthreats.
Publication
The Sector CSIRT Framework: Developing Sector-Based Incident Response Capabilities
Authors
Year
- 2021
Description
- The U.S. Department of State, Office of the Coordinator for Cyber Issues commissioned the Software E…
The Sector CSIRT Framework: Developing Sector-Based Incident Response Capabilities
The U.S. Department of State, Office of the Coordinator for Cyber Issues commissioned the Software Engineering Institute (SEI) to create the Sector CSIRT Framework for (1) developing a sector-based computer security incident response and coordination capability and (2) integrating this capability into a larger national cybersecurity ecosystem as applicable. The […]
Publication
Global Cyber Expertise Magazine – Issue 11 – September 2022
Authors
Year
- 2022
Description
- The Global Cyber Expertise Magazine is a joint initiative by the African Union, European Union, Glob…
Global Cyber Expertise Magazine – Issue 11 – September 2022
The Global Cyber Expertise Magazine is a joint initiative by the African Union, European Union, Global Forum on Cyber Expertise and Organization of American States. The Magazine aims to provide cyber policymakers and stakeholders insight on cyber capacity building projects, policies and developments globally. In this edition, our cover story […]
Tool
A Short Guide to Stakeholder Engagement on National Cybersecurity Strategy Development
Authors
Year
- 2022
Description
- Stakeholder engagement is key to the success of any project and is often more of an art than a scien…
A Short Guide to Stakeholder Engagement on National Cybersecurity Strategy Development
Stakeholder engagement is key to the success of any project and is often more of an art than a science. Initial stakeholder consultations and core consultation events are crucial for different aspects of the National Cybersecurity Strategy (NCS) development: from building relationships and trust and confidence in the process to […]
Publication
Developing Cyber Security as a Profession
Authors
Year
- 2022
Description
- This report was drawn up by the GFCE’s Working Group D on Cyber Security Culture and Skills in ord…
Developing Cyber Security as a Profession
This report was drawn up by the GFCE’s Working Group D on Cyber Security Culture and Skills in order to better understand different perspectives on developing cyber security as a profession, including the possible barriers that exist, qualifications and accreditations, and the role of awareness campaigns and regulation. The results […]
Publication
National Cybersecurity Strategies: Lessons Learned and Reflections from The Americas and Other Regions
Authors
Year
- 2022
Description
- The authors of this paper aim to address this challenge by offering information on the possible appr…
National Cybersecurity Strategies: Lessons Learned and Reflections from The Americas and Other Regions
The authors of this paper aim to address this challenge by offering information on the possible approaches to policymakers working on the development, implementation, and review of NCSs in the Americas. We include descriptions of different possible approaches and considerations, illustrated through examples from some OAS member states and other […]
Tool
The Promoting Global Cyber Resilience for Sectors and Society Cyber Capability Maturity Model (PROGRESS CCMM)
Authors
Year
- 2021
Description
- Achieving cyber resilient critical infrastructure poses a significant engineering management challen…
The Promoting Global Cyber Resilience for Sectors and Society Cyber Capability Maturity Model (PROGRESS CCMM)
Achieving cyber resilient critical infrastructure poses a significant engineering management challenge. Society relies on infrastructure and services that extend beyond the managerial boundaries of a specific organizational entity, yet most existing cybersecurity maturity models typically aim to assess a single organization. The Regional Cyber Resilience Laboratory of the Tel Aviv […]
Tool
Hardenize Public Dashboards
Authors
Year
- 2022
Description
- Hardenize provides free, fully-automated, public dashboards that enable continuous security monitori…
Hardenize Public Dashboards
Hardenize provides free, fully-automated, public dashboards that enable continuous security monitoring of key online ecosystems. They work with official organizations and governments to provide visibility and increase public awareness. Their key contribution is via their comprehensive network and security configuration assessment technology, which is provided as a free service to […]
Publication
African Lessons in Cyber Strategy
Authors
Year
- 2022
Description
- Africa faces a growing array of cyber threats from espionage, critical infrastructure sabotage, com…
African Lessons in Cyber Strategy
Africa faces a growing array of cyber threats from espionage, critical infrastructure sabotage, combat innovation, and organized crime. Still, most African countries have yet to devise a national cybersecurity strategy. Many countries with strategies fail to achieve meaningful impact because their plans are missing fundamental components, do not include key stakeholders, […]
Publication
Towards Identifying Critical National Infrastructures in the National Cybersecurity Strategy Process
Authors
Year
- 2022
Description
- This white paper builds upon existing CNI/CII work within the GFCE and proposes some practical consi…
Towards Identifying Critical National Infrastructures in the National Cybersecurity Strategy Process
This white paper builds upon existing CNI/CII work within the GFCE and proposes some practical considerations and measures for how countries can develop approaches for identifying CNI/CII as part of their NCS development and implementation processes. The paper addresses three foundational elements related to CNI/CII identification in the context of […]
Publication
Pre-University Cyber Security Education: A report on developing cyber skills amongst children and young people
Authors
Year
- 2022
Description
- This report provides results from a research project about cyber security education and skills devel…
Pre-University Cyber Security Education: A report on developing cyber skills amongst children and young people
This report provides results from a research project about cyber security education and skills development for children and young people (up to the age of 18) in a pre-university setting. The research work was commissioned by the Global Forum on Cyber Expertise (GFCE), as a recently identified priority of the […]
