Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

New Guide on Cyber Security Incident Management to support the fight against cyber attacks

January 2011 by ENISA

The EU’s ‘cyber security’ Agency ENISA (the European Network and Information Security Agency) has issued a new guide on good practice, practical information and guidelines for the management of network and information security incidents by Computer Emergency Response Teams (CERTs).

Recent reports of increased cyber attacks in 2010 has made the need for and use of the Agency report on how to fight Cyber attacks even more topical and current. The Good practice guide for incident management focuses on the incident handling process. Incident handling is the core service carried out by most CERTs. This involves the detection and registration of incidents, followed by so called ‘triage’ (classifying, prioritising and assigning incidents), incident resolution, closing and post-analysis.

Other topics covered by the guide include:
 basics of a CERT,
 its mission, constituency and authority,
 organisational framework,
 roles within a CERT,
 workflows,
 internal policies,
 cooperation with external parties,
 outsourcing, and
 how to present the work to the management.

Political context. ENISA has advocated that all Member States set up a CERT and the European Commission recently (22/11/2010) proposed the EU’s Internal Security Strategy which included e.g. there should be an establishment of a Computer Emergency Response Teams in every Member States to network across Europe by 2012, and one for the EU-institutions. The Agency Executive Director Prof. Udo Helmbrecht comments: “This guide is a useful tool to support the Commission’s proposal on 30/09/10 to boost Europe’s defences against cyberattacks.”

The Good practice guide for incident management is a follow-up to the ENISA CERT setting-up guide. This new guide facilitates ENISA’s effort to reinforce the capabilities of national / governmental CERTs, the ‘digital firebrigades’, which are one of the key players in the critical information infrastructure protection (CIIP) at Member State levels.

The target audience for the guide are the technical staff and management of governmental and other institutions operating a Computer Emergency Response Team (CERT) in order to protect IT infrastructure. Yet, any group or team that handles information or network security incidents can benefit from following this guide.

Read the full report: http://www.enisa.europa.eu/act/cert/support/incident-management


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts