National Computer Security Incident Response
- National Computer Security Incident Response Teams (CSIRTs)
- Best Practices for Establishing a National CSIRT (Guidebook, 2016)
Coordinate national incident response systems prevent, detect, deter, respond to and recover from cyber incidents. This system commonly includes one or more Computer Security Incident Response Teams (CSIRTs) with national responsibilities.
Nations and multilateral organizations with established national CSIRTs may mature their operations and broaden and strengthen their national and international information exchange of technical indicators and mitigation advices. National Cyber Security Centers may enable and encourage regional and sectorial initiatives to collectively strengthen cyber security-related ecosystems.
On a technical level, national CSIRTs preferably are well-connected with international communities. The global community may encourage nations to establish a national Computer Security Incident Response team capacity (CSIRT1) with national responsibility and coordination capabilities.
On a policy level, nations should identify their needs to establish and develop capacities, which will ensure incidents are communicated to the responsible entities, in order to provide the necessary information for decision making on a strategically level.
Best Practices for Establishing a National CSIRT by the Organisation of American States (OAS)
A Computer Security Incident Response Team (CSIRT) is an organization whose primary purpose is to provide information security ...
Global Good Practices - National Computer Security Incident Response Teams (CSIRTs)