Measuring CERT Effectiveness – “What does good look like?”

The purpose of this White Paper is to identify how CERTs, globally, ensure they are delivering on the vision that launched their creation. CERTs were created to address a problem, so how are we measuring that the problem is being addressed?

To answer the main question of what does good look like, CISO Lens covered five broad areas in the interviews that built up this white paper:

• How the information sharing organisation was established (including funding).
• The purpose and objectives of the organisation and how it measures itself against these.
• Key functions and roles within the organisation.
• Any powers and enforcement available to these organisations.
• How the organisation approaches stakeholder management.

This white paper argues that: measuring the success of an agency tasked with responding to and preventing cyber security incidents is inherently challenging and two factors are critical:

– Firstly, to ensure that the organisation works smoothly, and the work of ENISA (see Appendix A) will be useful toward this goal.

– Secondly, maintaining a laser focus on who the CERT serves is critical. In the conclusion a possible governance structure to support this focus is arrayed.