ENISA's goal is to continuously support the Member States in enhancing and strengthening the cooperation among n/g CSIRTs in order to achieve a powerful incident response when it is needed.
These documents constitute a very first attempt to define a minimum set of capabilities that a Computer Emergency Response Team (CERT) in charge of protecting critical information infrastructure (CIIP) in the Member States should possess to take part and contribute to a sustainable cross-border information sharing and cooperation.
The key obstacle to cross-border cooperation and incident response that we have identified in recent years is the diversity of capabilities across Member States.
Four baseline capabilities were therefore identified and remain the focus of our research and continuous work: mandate & strategy; service portfolio; operational and cooperation capabilities.
Harmonisation of ENISA n/g CSIRT capabilities scheme and good practice for ICS CSIRT capabilities
In 2013 we assess the level of compliance of n/g CSIRT baseline capabilities set developed by ENISA with other similar schemes and provide a report on harmonisation in areas like terminology, definitions, validation processes or requirements. The second part of this project is dedicated to explore CSIRT good practices for Industrial Control Systems.
For further information please contact: firstname.lastname@example.org
Baseline capabilities of n/g CSIRTs - Status Report 2012
This document will familiarise the reader with the current situation in Europe with regards to the n/g CERT's capabilities, and how these capabilities are deployed. More...
The updated map of n/g CSIRTs is available here.
Baseline capabilities of n/g CSIRTs - Updated Recommendations 2012
This document lists updated set of recommendations on gaps and shortcomings identified in the Status Report 2012. The number of gaps and shortcomings that still need to be addresssed in order for n/g CSIRTs to fully meet their baseline capabilities are outlined in along with recommendations on how to address them.More...
Baseline capabilities of n/g CSIRTs initial drafts
Part 1 Operational aspects
The first part (2009) was derived from the answers to a survey ENISA carried out among all 120+ publicly listed CSIRTs in Europe.
This part mainly aims at CSIRT managers and staff members, and have an operational/technical nature and have been very well accepted by the CSIRT community. More...
Part 2 Policy Recommendations 2010
The second part was drafted in 2010. ENISA made further improvements and presents a set of policy recommendations on baseline capabilities of n/g CSIRTs. The document takes into account recommendations by internationally recognised centres of expertise and draws upon the experience and effective practice of existing CSIRTs.
This second part aims mainly at supporting policy- and decision-makers in the EU member states in the establishment of a suitable framework that will enable their n/g CSIRTs to operate properly, by shedding a light on policy requirements and experiences in the Member States and also by providing some background information on the operations of CSIRTs so that their requirements and needs are understood better. More...
12/2009: Part 1 (Operational Aspects) – initial draft, based on a survey among 120+ European CERTs
12/2010: Part 2 (Policy Recommendations) - initial draft for policy recommendations
10/2012: Deployment of baseline capabilities of n/g CERT - Status Report
10/2012: Baseline capabilities of n/g CERT - Updated Recommendations