National Computer Security Incident Response

Publication

Team Types Within the Context of Services Frameworks (1.0 v)

Authors

• Forum of Incident Response and Security Teams (FIRST)

Year

• 2024

Description

• The Forum of Incident Response and Security Teams (FIRST) Services Frameworks have been developed fo…

Team Types Within the Context of Services Frameworks (1.0 v)

The Forum of Incident Response and Security Teams (FIRST) Services Frameworks have been developed for two primary team types: Computer Security Incident Response Teams (CSIRTs) and Product Security Incident Response Teams (PSIRTs). While there are established definitions for these teams, variations in practice and context may give slightly different meanings […]

Publication

Developing a cybersecurity crisis management plan

Authors

• DCAF – Geneva Centre for Security Sector Governance

Year

• 2023

Description

• In October 2022, DCAF – the Geneva Centre for Security Sector Governance, brought together legal e…

Developing a cybersecurity crisis management plan

In October 2022, DCAF – the Geneva Centre for Security Sector Governance, brought together legal experts from the Western Balkans for a Seminar on National Cybersecurity Legislation in Veles, North Macedonia. The seminar was organised in close cooperation with the Ministry of Information Society and Administration of the Republic of […]

Publication

Joint Publication – Boosting your Organisation’s Cyber Resilience

Authors

• European Union Agency for Cybersecurity (ENISA)
• CERT-EU

Year

• 2022

Description

• About In light of rising major cyber threats, the European Union Agency for Cybersecurity (ENISA) an…

Joint Publication – Boosting your Organisation’s Cyber Resilience

About In light of rising major cyber threats, the European Union Agency for Cybersecurity (ENISA) and CERT- EU published a joint set of cybersecurity best practices for public and private organisations in the EU. The publication is mainly intended for decision makers (both in IT and general management) and security […]

Publication

CERT-EU Security Guidance 22-001: Cybersecurity mitigation measures against critical threats

Authors

• CERT-EU

Year

• 2023

Description

• About On February 14, ENISA and CERT-EU made a joint publication strongly encouraging all EU based o…

CERT-EU Security Guidance 22-001: Cybersecurity mitigation measures against critical threats

About On February 14, ENISA and CERT-EU made a joint publication strongly encouraging all EU based organisations to implement a set of cybersecurity best practices. Building on this joint publication, CERT-EU made available specific implementation recommendations. By applying these systematically, organisations can boost their cybersecurity defence and resilience. This would […]

Publication

Cyber Insurance and Systemic Market Risk

Authors

• Observer Research Foundation (ORF) America
• EastWest Institute

Year

• 2020

Description

• This report proposes a method to better protect against losses associated with attacks by malicious …

Cyber Insurance and Systemic Market Risk

This report proposes a method to better protect against losses associated with attacks by malicious actors. The EastWest Institute puts forward a mechanism by which insurance industry can quantify and account for cyber risks. Recommendations to increase the cyber resilience and cybersecurity of economies are presented thereafter.  

Tool

European Repository of Cyber Incidents (EuRepoC)

Authors

• Cyber Policy Institute (CPI)
• German Institute for International and Security Affairs (SWP)

Year

• 2022

Description

• The European Repository of Cyber Incidents (EuRepoC) is an independent research consortium dedicat…

European Repository of Cyber Incidents (EuRepoC)

The European Repository of Cyber Incidents (EuRepoC) is an independent research consortium dedicated to better understanding the cyber threat environment, particularly in the European Union. As a public information forum, its goal is to be a resource for its member institutions, government officials, civil society, business executives, journalists, educators, students, and other […]

Publication

Practical Guide for CSIRTs (Volume 2): A Sustainable Business Model

Authors

• Organization of American States (OAS)

Year

• 2023

Description

• This guide is based on the previous document “Best Practices for Establishing a National CSIRT…

Practical Guide for CSIRTs (Volume 2): A Sustainable Business Model

This guide is based on the previous document “Best Practices for Establishing a National CSIRT“, developed by the Organization of American States (OAS) in 2016, which covers topics on planning and implementing a Computer Security Incident Response Team (CSIRT). This second edition is intended to build upon the previous and […]

Tool

Cyber Incident Reporting Framework: Global Edition

Authors

• Institute for Security and Technology (IST)
• Cyber Threat Alliance (CTA)

Year

• 2023

Description

• The updated, global edition of the framework presented here builds off that first document that CTA …

Cyber Incident Reporting Framework: Global Edition

The updated, global edition of the framework presented here builds off that first document that CTA and IST released in November 2022, and adds significant contextual discussion. It develops a model reporting format that cybersecurity authorities and other government authorities worldwide could use as the foundation for their national reporting […]

Publication

Cyber Incident Classification: A Report on Emerging Practices within the OSCE region

Authors

• Organization for Security and Co-operation in Europe (OSCE)

Year

• 2022

Description

• The report highlights emerging practices in national classification of cyber incidents by underlinin…

Cyber Incident Classification: A Report on Emerging Practices within the OSCE region

The report highlights emerging practices in national classification of cyber incidents by underlining commonalities in existing approaches to cyber incident classification among OSCE participating States and identifying limitations in this process. Although experiences in developing cyber incident classification systems are diverse across participating States, the knowledge derived from these processes […]

Tool

Blueprint for Ransomware Defense

Authors

• Institute for Security and Technology (IST)

Year

• 2022

Description

• The Blueprint for Ransomware is a clear, actionable framework for ransomware mitigation, response, a…

Blueprint for Ransomware Defense

The Blueprint for Ransomware is a clear, actionable framework for ransomware mitigation, response, and recovery for small and medium enterprises that are most relevant to combating ransomware.  The Blueprint recommendations are a curated subset of essential cyber hygiene Safeguards from the Center for Internet Security Critical Security Controls® (CIS Controls®) […]

Publication

Ransomware Task Force Report: Combating Ransomware

Authors

• Institute for Security and Technology (IST)

Year

• 2021

Description

• The RTF Report is a strategic framework that aims to help policymakers and industry leaders take sys…

Ransomware Task Force Report: Combating Ransomware

The RTF Report is a strategic framework that aims to help policymakers and industry leaders take system-level action — through potential legislation, funding new programs, or launching new industry-level collaborations — that will help the international community build resistance, disrupt the ransomware business model, and develop resilience to the ransomware […]

Tool

Cyber Incident Management (CIM) Cybil Portal Resources Guide

Authors

• Global Forum on Cyber Expertise (GFCE)

Year

• 2022

Description

• The Cyber Incident Management (CIM) Cybil Portal Resources Guide is an initiative of the GFCE Workin…

Cyber Incident Management (CIM) Cybil Portal Resources Guide

The Cyber Incident Management (CIM) Cybil Portal Resources Guide is an initiative of the GFCE Working Group B CIM Task Force. The objective of this guide is to provide an overview of all the resources that are available for the CIM community on the Cybil Portal as of October 2022. […]

Publication

Establishing a CSIRT

Authors

• Thailand – ThaiCERT

Year

• 2017

Description

• This handbook is designed for organizations who wish to learn more about CSIRT teams and start one t…

Establishing a CSIRT

This handbook is designed for organizations who wish to learn more about CSIRT teams and start one themselves. It describes both the process to establish a team and the various requirements. Examples are given where possible, to show how each step can be completed. The intended audience is management level, […]

Tool

CSIRT Maturity Kit

Authors

• Netherlands (the) – National Cyber Security Centre (NCSC – NL)
• Global Forum on Cyber Expertise (GFCE)

Year

• 2015

Description

• The purpose of this CSIRT Maturity Kit is to help emerging and existing Computer Security Response T…

CSIRT Maturity Kit

The purpose of this CSIRT Maturity Kit is to help emerging and existing Computer Security Response Teams (CSIRTs) to increase their maturity level. This is achieved by offering a set of best practices that cover CSIRT governance, organisation and operations. The document that is presented now provides a starting point […]

Tool

SOC-CMM & SOC-CMM for CERT

Authors

• SOC – CMM

Year

• 2022

Description

• The SOC-CMM is a capability maturity model that can be used to perform a self-assessment of your Sec…

SOC-CMM & SOC-CMM for CERT

The SOC-CMM is a capability maturity model that can be used to perform a self-assessment of your Security Operations Center (SOC). The model is based on review conducted on literature regarding SOC setup and existing SOC models as well as literature on specific elements within a SOC. The literature analysis […]