Publication
The Ransomware Playbook and How to Disrupt It
Authors
Year
- 2025
Description
- Over the years, ransomware groups have improved their ‘playbooks’. This report looks at …
The Ransomware Playbook and How to Disrupt It
Over the years, ransomware groups have improved their ‘playbooks’. This report looks at government actions that aim to counter this new ransomware playbook. Based on the Virtual Routes Ransomware Countermeasures Tracker and insights from Ransom War: How Cybercrime Became a Threat to National Security, the report highlights what is working, what is […]
Publication
How to manage an information leak, a Beginner’s Guide for SMEs (Cómo gestionar una fuga de información. Una guía de aproximación al empresario)
Authors
Year
- 2017
Description
- The aim of this guide is to help SMEs to understand the steps to take in the event of a data breach …
How to manage an information leak, a Beginner’s Guide for SMEs (Cómo gestionar una fuga de información. Una guía de aproximación al empresario)
The aim of this guide is to help SMEs to understand the steps to take in the event of a data breach incident and to prevent it. The guide is structured in the following sections: Information leakage: concepts, origin and causes. The consequences of an information leak. Estimating the impact. […]
Publication
Guide for Cyber crisis management in SMEs (Guía para la Gestión de Crisis de Cyberseguridad en Empresas)
Authors
Year
- 2024
Description
- This cyber security guide aims to provide medium-sized companies with the necessary tools and strate…
Guide for Cyber crisis management in SMEs (Guía para la Gestión de Crisis de Cyberseguridad en Empresas)
This cyber security guide aims to provide medium-sized companies with the necessary tools and strategies to ensure the security and stability of their operations in the event of a cyber security crisis.
Tool
CSIRTs Americas Baseline: Maturity Reference for OAS Member States CSIRTs
Authors
Year
- 2025
Description
- This document presents the CSIRTAmericas network’s new resource: “SIM3 CSIRTAmericas Baseline”…
CSIRTs Americas Baseline: Maturity Reference for OAS Member States CSIRTs
This document presents the CSIRTAmericas network’s new resource: “SIM3 CSIRTAmericas Baseline”, a maturity baseline developed from the SIM3 model2 created by the Open CSIRT Foundation (OCF), an internationally recognized model for assessing the maturity of security teams. CSIRTAmericas Baseline serves to help organizations assess the readiness of their cyber incident […]
Tool
Geneva Dialogue – Cyber Quest
Authors
Year
- 2025
Description
- This online role-play simulation is designed for diplomats and professionals directly engaged in sha…
Geneva Dialogue – Cyber Quest
This online role-play simulation is designed for diplomats and professionals directly engaged in shaping global cybersecurity policy through the UN Open-ended Working Group (OEWG), and other related processes. The goal of this game is to connect cyber-norms and confidence-building measures (CBMs) to the practice through a practical a case of […]
Publication
Private-public initiatives for cybersecurity: the case of Ukraine
Authors
Year
- 2024
Description
- Despite widespread fears at the time, Ukraine appears to have been effective in countering Russian c…
Private-public initiatives for cybersecurity: the case of Ukraine
Despite widespread fears at the time, Ukraine appears to have been effective in countering Russian cyber aggression since the invasion of February 2022. During the period, Ukraine has been provided with significant levels of cyber defence support by allied governments and private sector companies. Through expert interviews and roundtables, the […]
Tool
CSIRT Maturity – Self-assessment Tool
Authors
Year
- 2022
Description
- This tool helps CSIRTs to self-assess their team’s maturity in terms of 45 parameters of the SIM3 …
CSIRT Maturity – Self-assessment Tool
This tool helps CSIRTs to self-assess their team’s maturity in terms of 45 parameters of the SIM3 v2i model. For several parameters, ENISA CSIRT maturity framework requires higher assessment level then it is required under the ENISA CSIRT maturity framework based on SIM3 v1. This is due to a constant […]
Publication
Final Report: Women’s Participation in Southeast Asia’s Cybersecurity Sector
Authors
Year
- 2024
Description
- This report compiles research findings from the “Women’s Participation in Southeast Asia…
Final Report: Women’s Participation in Southeast Asia’s Cybersecurity Sector
This report compiles research findings from the “Women’s Participation in Southeast Asia’s Cybersecurity Sector” project, which aimed to understand the cybersecurity workforce in Cambodia, Indonesia, Laos, Mongolia, and Thailand, identify workforce gaps, and assess women’s participation across these countries. Conducted in support of the ITU’s Women in Cyber (WiC) Mentorship […]
Tool
ITU Global Cybersecurity Index (GCI) v5
Authors
Year
- 2024
Description
- The Global Cybersecurity Index (GCI) is a trusted reference that measures the commitment of countrie…
ITU Global Cybersecurity Index (GCI) v5
The Global Cybersecurity Index (GCI) is a trusted reference that measures the commitment of countries to cybersecurity at a global level – to raise awareness of the importance and different dimensions of the issue. As cybersecurity has a broad field of application, cutting across many industries and various sectors, each […]
Publication
Digital First Responders – The Role of Computer Security Incident Response Teams (CSIRTS) in Developing Countries
Authors
Year
- 2024
Description
- This note intends to provide policy makers in developing countries with a clear understanding of the…
Digital First Responders – The Role of Computer Security Incident Response Teams (CSIRTS) in Developing Countries
This note intends to provide policy makers in developing countries with a clear understanding of the role and importance of Computer Security Incident Response Teams (CSIRTs) for enhancing cyber resilience. It is based on the data available at the time of writing, and reflects evolving international good practices, including experiences […]
Publication
Guide on Cyber Threat Intelligence
Authors
Year
- 2024
Description
- A newly published Guide from CREST looks into the different types of Cyber Threat Intelligence — C…
Guide on Cyber Threat Intelligence
A newly published Guide from CREST looks into the different types of Cyber Threat Intelligence — CTI – standalone deliverables and continued threat monitoring services – and crucially, how this discipline can be used to predict, prevent, detect and respond to threats. The updated Guide also includes new sections on […]
Publication
Best Practices for Cyber Crisis Management
Authors
Year
- 2024
Description
- This study highlights the complexities behind the notion of cyber crisis and the degree of subjectiv…
Best Practices for Cyber Crisis Management
This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends largely on the level of risk that EU Member States (MS) are prepared […]
Publication
Journal of Cyber Policy
Authors
Year
- 2016
Description
- The Journal of Cyber Policy has a strong emphasis on topics that are international in scope, and can…
Journal of Cyber Policy
The Journal of Cyber Policy has a strong emphasis on topics that are international in scope, and can address national and international cyber policy challenges. The challenges of the cyber world are cross-disciplinary, and the journal reflects this in the range of contributions that it solicits. The list of disciplines […]
Publication
Western Balkan CERT Cooperation
Year
- 2021
Description
- This publication focuses on providing concrete proposals for enhancing cooperation among national Co…
Western Balkan CERT Cooperation
This publication focuses on providing concrete proposals for enhancing cooperation among national Computer Security Incident Response Teams (CSIRTs) in the Western Balkans. It addresses questions related to areas of cooperation, successful CSIRT networks, and strategies for improving multilateral cooperation, while considering individual capacities and capabilities of the participating CSIRTs. Additional […]
Publication
Introduction to Computer Security Incident Response Teams (CSIRTs): Structures and Functions of Cybersecurity’s First Responders
Authors
Year
- 2024
Description
- This Guidebook is intended to help, in particular, new employees of Computer Security Incident Respo…
Introduction to Computer Security Incident Response Teams (CSIRTs): Structures and Functions of Cybersecurity’s First Responders
This Guidebook is intended to help, in particular, new employees of Computer Security Incident Response Teams (CSIRTs) (though it is likely relevant for existing CSIRT employees) understand the structure of CSIRTs, and clarify the expectations and how they can best be achieved.
