Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

ENISA Issues Guide to Operating CERTs

The European Network and Information Security Agency (ENISA), Europe’s Cyber security agency, issued a new guide on good practice, practical information and guidelines for the management of network and information security incidents by Computer Emergency Response Teams (CERTs).

ENISA CERT

The European Network and Information Security Agency (ENISA), Europe’s Cyber security agency, issued a new guide on good practice, practical information and guidelines for the management of network and information security incidents by Computer Emergency Response Teams (CERTs).

ENISA CERT

Released as a follow-up to ENISA’s CERT setup-up guide, The Good Practice Guide for Incident Management facilitates ENISA’s effort to reinforce the capabilities of national and governmental CERTs.

The guide focuses on the incident handling process, the core service carried out by most CERTs, involving the detection and registration of incidents, followed by classifying, prioritizing and assigning incidents, incident resolution, closing and post-analysis.

The guide is targeted to the technical staff and management of governmental and other institutions operating a CERT, though any group or team that handles information or network security incidents can benefit from the guide.

Related Reading – The Increasing Importance of Securing The Smart Grid

ENISA has advocated that all Member States set up a CERT and proposed there should be an establishment of a CERT in all member states across Europe by 2012, and one for the EU-institutions.

Topics covered by The Good Practice Guide for Incident Management include:

– Basics of a CERT, its mission, constituency and authority

– Organizational framework and roles within a CERT

– Workflows and internal policies

– Cooperation with external parties and outsourcing

– How to present the work to the management.

In December 2010, the agency released a report identifying what it sees as the top security risks and opportunities of smartphone use and gives security advice for businesses, consumers and governments.

The Guide is available here.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.