Publication
Best Practices for Establishing a National CSIRT by the Organisation of American States (OAS)
Authors
Year
- 2016
Description
- This guide analyzes several types of CSIRTs, including National-level CSIRTs, which respond to incid…
Best Practices for Establishing a National CSIRT by the Organisation of American States (OAS)
This guide analyzes several types of CSIRTs, including National-level CSIRTs, which respond to incidents at the nation-state level. These usually monitor and respond to incidents in government networks, and also serve as a coordinator of information security for the private sector or other sectors and institutions. They may or may […]
Publication
GFCE Global Good Practices – National Computer Security Incident Response Teams (CSIRTs)
Authors
Year
- 2017
Description
- Even the best cyber security posture and practices cannot guarantee that key organisations and infor…
GFCE Global Good Practices – National Computer Security Incident Response Teams (CSIRTs)
Even the best cyber security posture and practices cannot guarantee that key organisations and information infrastructures within a nation will not be vulnerable to malware, software failures, human errors, and other mishaps. The cyber threat landscape changes rapidly. Cyber incidents occur on a daily basis and may be of cross-border, […]
Publication
Common Taxonomy for Law Enforcement and The National Network of CSIRTs
Authors
Year
- 2017
Description
- The objective of this document is to support the Computer Security Incident Response Teams (CSIRTs) …
Common Taxonomy for Law Enforcement and The National Network of CSIRTs
The objective of this document is to support the Computer Security Incident Response Teams (CSIRTs) and the Public Prosecutors in their dealing with Law Enforcement Agencies in cases of criminal investigations, by providing a common taxonomy for the classification of incidents, named Common Taxonomy for Law Enforcement and The National […]
Tool
IBM X-Force Exchange
Authors
Year
- 2015
Description
- IBM® X-Force Exchange is a cloud-based, threat intelligence sharing platform that you can use to ra…
IBM X-Force Exchange
IBM® X-Force Exchange is a cloud-based, threat intelligence sharing platform that you can use to rapidly research the latest global security threats, aggregate actionable intelligence, consult with experts and collaborate with peers. IBM X-Force Exchange, supported by human- and machine-generated intelligence, leverages the scale of IBM X-Force to help users […]
Tool
The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for Governmental Policy-Makers
Authors
Year
- 2017
Description
- Critical Information Infrastructure Protection (CIIP) is a complex but important topic for nations. …
The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for Governmental Policy-Makers
Critical Information Infrastructure Protection (CIIP) is a complex but important topic for nations. Nations at large critically depend on Critical Infrastructure (CI) services such as energy supply, telecommunications, financial systems, drinking water, and governmental services. Information and communication technologies(ICT)-based services are becoming increasingly important for the functioning of CI. Disruption […]
Tool
GFCE Global Good Practices – Critical Information Infrastructure Protection (CIIP)
Authors
Year
- 2017
Description
- Some elements of ICT have become critical for national security. These elements form the Critical …
GFCE Global Good Practices – Critical Information Infrastructure Protection (CIIP)
Some elements of ICT have become critical for national security. These elements form the Critical Information Infrastructure (CII) of a nation. Protection of CII (CIIP) has obtained worldwide attention which has, for example, resulted in a OECD high-level policy framework (2008) containing recommendations on the Protection of Critical Information Infrastructure. […]
Tool
Produce and Present Trusted Metrics about Systemic Risk Conditions
Authors
Year
- 2017
Description
- A statistics platform, featuring metrics and data visualisation, allows for the measurement of key i…
Produce and Present Trusted Metrics about Systemic Risk Conditions
A statistics platform, featuring metrics and data visualisation, allows for the measurement of key indicators of malicious activity and risk conditions, and enables analytical insight about patterns, priorities, and trends for action. Such intelligence can be used by the CERT/CSIRT community, security sector, corporations, and organisations. If the metrics are […]
Tool
Establish a Clearinghouse for Gathering Systemic Risk Conditions Data in Global Networks
Authors
Year
- 2017
Description
- Internet networks are replete with systemic vulnerabilities. CERTs and other trusted operators req…
Establish a Clearinghouse for Gathering Systemic Risk Conditions Data in Global Networks
Internet networks are replete with systemic vulnerabilities. CERTs and other trusted operators require reliable information about their network’s health over time. Various organisations have set up systems to scan networks for vulnerabilities and/or monitor cyber-attacks. Many of these sources are open, but their provenance and collection processes are often opaque. […]
Tool
NIST Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy
Authors
Year
- 2017
Description
- This publication describes the Risk Management Framework (RMF) and provides guidelines for applying …
NIST Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy
This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; […]
Tool
NIST Framework for Improving Critical Infrastructure Cybersecurity V1.1
Authors
Year
- 2018
Description
- The NIST Cybersecurity Framework provides a policy framework of computer security guidance for how p…
NIST Framework for Improving Critical Infrastructure Cybersecurity V1.1
The NIST Cybersecurity Framework provides a policy framework of computer security guidance for how private sector organizations in the United States can assess and improve their ability to prevent, detect, and respond to cyber attacks. The framework has been translated to many languages and is used by the governments of […]
Tool
International Cyber Law in Practice: Interactive Toolkit
Authors
Year
- 2024
Description
- The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work w…
International Cyber Law in Practice: Interactive Toolkit
The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The Toolkit may be explored and utilized in a number of different ways. At its core, it presently consists of 32 hypothetical scenarios. Each […]
