|
The centralization of security-related activities is one of the current trends among those organizations which intend to maintain good practices, respect current regulatory requirements, and above all, among those organizations that whish to confront emerging risks to which they are exposed in an efficient and economical manner.
However, this centralization requires a large effort directed at the supervision of all Security Infrastructures and associated Incidence management which, in most cases, exceed most organizations’ daily business. For many enterprises, the only way to achieve this in an economical way is through the creation of a centralized operational Computer Emergency Response Team (CERT) structure which will allow the management of operative risks involved with the use of ICT.
It can equally be said that, a Technology and Information Security CERT, can be compared to Spain’s Emergency Telephone number. What is a CERT? A CERT (also known as CSIR or IRT) comes from the English acronym Computer Emergency Response Team and it represents and according to the original definition of the University of Carnegie Mellon represents “an organization focused on ensuring that the practices of technology and management of Security are used appropriately to resist attacks to interconnected systems, limit the damage, and ensure the continuity of critical services regardless of successful attacks, accidents or failures”.
In short, it is a group of multidisciplinary experts, working with common processes and platforms, and generally operating 24x7 and who manage Security Incidents which may affect Information Systems under their responsibility.
In addition to Incident Management, a CERT can also act as a centre of excellence for the Security of the community/organization to which they offer their services by: - Defining itself as an Investigation and Risk Analysis Centre on Information Systems related trends.
- Developing an extensive Awareness and Training Program for its community.
- Diffusion of good practices, methodologies, and tools to assist the communiti in managing its security adequately.
- Offering proactive and centralized services for its community, such as services of auditing, certification, etc.
What are the most important aspects of a CERT? CERT Service Description The implementation of a Computer Emergency Response Team (CERT) generally consists, in the following steps: - Strategic design of the centre through the definition of a master plan and its high-level strategies.
- Operational and organizational design aligned with strategies, applicable regulations, standards and good practices.
- Development of communication and awareness activities among the community and related organizations.
- Design of the ICT infrastructure operations and support platforms.
- Selection and training of human resources.
- Efficient service assistance for the community.
TB·Security offers all types of consulting services for the design, development and operation of Computer Emergency Response Teams (CERT). We have developed our own methodologies based on the best standards and practices on the market (ISO-27001, ITIL/ISO-20000, etc.), and up-to-datet tools. Vision
References TB·Security is Spain’s leader in the design, implementation and operation of Computer Emergency Response Teams (CERT), with over 12 years of experience in CERT Management (esCERT), and is a referenced partner for major initiatives both at national and international levels. - EsCERT-UPC CERT of the Universidad Politécnica de Cataluña
- CCN-CERT CERT of the CCN/CNI for Public Administrations
- CERITEL (VEN-CERT) of the SUSCERTE (Bolivian Republic of Venezuela)
|
