Baseline capabilitites for national / governmental CERTs

Baseline capabilities for national / governmental CERTs

(Version 1.0 initial draft)

Executive summary

These documents constitute a very first attempt to define a minimum set of capabilities that a Computer Emergency Response Team (CERT) in charge of protecting critical information infrastructure (CIIP) in the Member States should possess to take part and contribute to a sustainable cross-border information sharing and cooperation.

Part 1 Operational aspects

The first part (2009) was derived from the answers to a survey ENISA carried out among all 120+ publicly listed  CERTs in Europe.

This part mainly aims at CERT managers and staff members, and have an operational/technical nature and have been very well accepted by the CERT community.

Part 2 Policy Recommendations

The second part was drafted in 2010. ENISA made further improvements and presents a set of policy recommendations on baseline capabilities of national/governmental CERTs. The document takes into account recommendations by internationally recognised centres of expertise and draws upon the experience and effective practice of existing CERTs.

This second part aims mainly at supporting policy- and decision-makers in the EU member states in the establishment of a suitable framework that will enable their national / governmental CERTs to operate properly, by shedding a light on policy requirements and experiences in the member states and also by providing some background information on the operations of CERTs so that their requirements and needs are understood better.

History

12/2009: Part 1 (Operational Aspects) – initial draft, based on a survey among 120+ European CERTs

12/2010: Part 2 (Policy Recommendations) - initial draft for policy recommendations