Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

ENISA Issues Guide to Operating CERTs

The European Network and Information Security Agency (ENISA), Europe’s Cyber security agency, issued a new guide on good practice, practical information and guidelines for the management of network and information security incidents by Computer Emergency Response Teams (CERTs).

ENISA CERT

The European Network and Information Security Agency (ENISA), Europe’s Cyber security agency, issued a new guide on good practice, practical information and guidelines for the management of network and information security incidents by Computer Emergency Response Teams (CERTs).

ENISA CERT

Released as a follow-up to ENISA’s CERT setup-up guide, The Good Practice Guide for Incident Management facilitates ENISA’s effort to reinforce the capabilities of national and governmental CERTs.

The guide focuses on the incident handling process, the core service carried out by most CERTs, involving the detection and registration of incidents, followed by classifying, prioritizing and assigning incidents, incident resolution, closing and post-analysis.

The guide is targeted to the technical staff and management of governmental and other institutions operating a CERT, though any group or team that handles information or network security incidents can benefit from the guide.

Related Reading – The Increasing Importance of Securing The Smart Grid

ENISA has advocated that all Member States set up a CERT and proposed there should be an establishment of a CERT in all member states across Europe by 2012, and one for the EU-institutions.

Topics covered by The Good Practice Guide for Incident Management include:

– Basics of a CERT, its mission, constituency and authority

Advertisement. Scroll to continue reading.

– Organizational framework and roles within a CERT

– Workflows and internal policies

– Cooperation with external parties and outsourcing

– How to present the work to the management.

In December 2010, the agency released a report identifying what it sees as the top security risks and opportunities of smartphone use and gives security advice for businesses, consumers and governments.

The Guide is available here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.