Publication
Team Types Within the Context of Services Frameworks (1.0 v)
Authors
Year
- 2024
Description
- The Forum of Incident Response and Security Teams (FIRST) Services Frameworks have been developed fo…
Team Types Within the Context of Services Frameworks (1.0 v)
The Forum of Incident Response and Security Teams (FIRST) Services Frameworks have been developed for two primary team types: Computer Security Incident Response Teams (CSIRTs) and Product Security Incident Response Teams (PSIRTs). While there are established definitions for these teams, variations in practice and context may give slightly different meanings […]
Publication
Cyber Resilience in the Electricity Industry: Analysis and Recommendations on Regulatory Practices for the Public and Private Sectors
Year
- 2020
Description
- A variety of threat actors continually target power utilities, seeking to profit financially or othe…
Cyber Resilience in the Electricity Industry: Analysis and Recommendations on Regulatory Practices for the Public and Private Sectors
A variety of threat actors continually target power utilities, seeking to profit financially or otherwise cause harm using attack vectors such as ransomware or by disrupting the availability of critical functions as cyberattacks on critical infrastructure were ranked the fifth top risk in 2020 for multiple sectors, including energy. To […]
Publication
Enhancing Cyber Resilience in Electricity Systems
Year
- 2021
Description
- Using real-world examples, this report offers guidance to policy makers, electric utilities and othe…
Enhancing Cyber Resilience in Electricity Systems
Using real-world examples, this report offers guidance to policy makers, electric utilities and other stakeholders on how policies and actions could enhance the cyber resilience of electricity systems.
Publication
Developing a cybersecurity crisis management plan
Authors
Year
- 2023
Description
- In October 2022, DCAF – the Geneva Centre for Security Sector Governance, brought together legal e…
Developing a cybersecurity crisis management plan
In October 2022, DCAF – the Geneva Centre for Security Sector Governance, brought together legal experts from the Western Balkans for a Seminar on National Cybersecurity Legislation in Veles, North Macedonia. The seminar was organised in close cooperation with the Ministry of Information Society and Administration of the Republic of […]
Publication
ASEAN Country Reports: An analysis of cybersecurity posture for 10 ASEAN countries
Year
- 2020
Description
- The dynamic and evolving nature of attacks continues to pose a risk of economic damage as a looming …
ASEAN Country Reports: An analysis of cybersecurity posture for 10 ASEAN countries
The dynamic and evolving nature of attacks continues to pose a risk of economic damage as a looming threat. High-impact largescale Distributed Denial of Service (DDoS) attacks make use of unmanaged Internet services, which make the protection of critical infrastructures an essential component of cybersecurity. Additionally, as more countries rely […]
Publication
National CERT/CSIRT: Mandate and Organisation paper
Year
- 2023
Description
- This study explores the regulatory frameworks governing the functioning of national CERT/CSIRT capab…
National CERT/CSIRT: Mandate and Organisation paper
This study explores the regulatory frameworks governing the functioning of national CERT/CSIRT capabilities across NATO countries. Special focus has been given to civilian/military cooperation and the incorporation of military capabilities into national crisis management mechanisms. The report contains three substantive sections. First, it looks in general at the cyber security […]
Publication
Unpacking Cyber Capacity-Building Needs: Part I and Part II
Authors
Year
- 2023
Description
- There is a growing emphasis among Member States on the need to support the implementation of the Fra…
Unpacking Cyber Capacity-Building Needs: Part I and Part II
There is a growing emphasis among Member States on the need to support the implementation of the Framework for Responsible State Behaviour in the ICT environment (the Framework), including through dedicated guidance, assistance, and dedicated capacity-building efforts. In response to this demand and to increase the cybersecurity and resilience of Member […]
Publication
Joint Publication – Boosting your Organisation’s Cyber Resilience
Authors
Year
- 2022
Description
- About In light of rising major cyber threats, the European Union Agency for Cybersecurity (ENISA) an…
Joint Publication – Boosting your Organisation’s Cyber Resilience
About In light of rising major cyber threats, the European Union Agency for Cybersecurity (ENISA) and CERT- EU published a joint set of cybersecurity best practices for public and private organisations in the EU. The publication is mainly intended for decision makers (both in IT and general management) and security […]
Publication
CERT-EU Security Guidance 22-001: Cybersecurity mitigation measures against critical threats
Authors
Year
- 2023
Description
- About On February 14, ENISA and CERT-EU made a joint publication strongly encouraging all EU based o…
CERT-EU Security Guidance 22-001: Cybersecurity mitigation measures against critical threats
About On February 14, ENISA and CERT-EU made a joint publication strongly encouraging all EU based organisations to implement a set of cybersecurity best practices. Building on this joint publication, CERT-EU made available specific implementation recommendations. By applying these systematically, organisations can boost their cybersecurity defence and resilience. This would […]
Publication
ENISA Threat Landscape: Health Sector
Authors
Year
- 2023
Description
- About The European Union Agency for Cybersecurity (ENISA) released its first cyber threat landscape …
ENISA Threat Landscape: Health Sector
About The European Union Agency for Cybersecurity (ENISA) released its first cyber threat landscape for the health sector. The report found that ransomware accounts for 54% of cybersecurity threats in the health sector. The comprehensive analysis maps and studies cyberattacks, identifying prime threats, actors, impacts, and trends for a period […]
Publication
Responsible behaviour in cyberspace: Global narratives and practice
Year
- 2023
Description
- The chapters in this volume are divided into four sections focusing respectively on regional and int…
Responsible behaviour in cyberspace: Global narratives and practice
The chapters in this volume are divided into four sections focusing respectively on regional and international cooperation, national perspectives, capacity building and private-public partnerships, and finally on questions of international law and human rights. Each section thematically addresses one or more dimension(s) of ‘responsible state behaviour’ in cyberspace, and many […]
Publication
Operational framework and guidelines for the planning and execution of ITU regional cyberdrills
Year
- 2021
Description
- Context The International Telecommunication Union (ITU) improves cyber security readiness, protectio…
Operational framework and guidelines for the planning and execution of ITU regional cyberdrills
Context The International Telecommunication Union (ITU) improves cyber security readiness, protection and incident response capabilities by conducting cyberdrills at both regional and international levels. Cyberdrills are planned events during which cyber-attacks, information security incidents, and other disruptions are simulated in order to test the cyber capabilities of an organization, including […]
Publication
Cyber Insurance and Systemic Market Risk
Authors
Year
- 2020
Description
- This report proposes a method to better protect against losses associated with attacks by malicious …
Cyber Insurance and Systemic Market Risk
This report proposes a method to better protect against losses associated with attacks by malicious actors. The EastWest Institute puts forward a mechanism by which insurance industry can quantify and account for cyber risks. Recommendations to increase the cyber resilience and cybersecurity of economies are presented thereafter.
Publication
London conference on Cyber Resilience: Lessons on cybersecurity capacity-building from the UK’s Digital Access Programme
Authors
Year
- 2023
Description
- On 21–22 November 2022, Chatham House hosted the Strengthening Cyber Resilience Conference in Lond…
London conference on Cyber Resilience: Lessons on cybersecurity capacity-building from the UK’s Digital Access Programme
On 21–22 November 2022, Chatham House hosted the Strengthening Cyber Resilience Conference in London, with support from FCDO and in partnership with KPMG. The conference’s aim was to share experiences and knowledge about how international cybersecurity capacity-building can support national sustainable development and cybersecurity outcomes. The conference also explored the […]
Tool
European Repository of Cyber Incidents (EuRepoC)
Authors
Year
- 2022
Description
- The European Repository of Cyber Incidents (EuRepoC) is an independent research consortium dedicat…
European Repository of Cyber Incidents (EuRepoC)
The European Repository of Cyber Incidents (EuRepoC) is an independent research consortium dedicated to better understanding the cyber threat environment, particularly in the European Union. As a public information forum, its goal is to be a resource for its member institutions, government officials, civil society, business executives, journalists, educators, students, and other […]