In particular: Internet security as an international issue

Cyber attacks do not stop at territorial borders. Cross-border strategies and solutions are therefore needed – ENISA guest commentary.

Role of national and governmental CERTs in national cyber cooperation

Protecting information online has been a challenging task for many companies, institutions, network providers or individuals due to the extensive growth of businesses and private life going 'online' in the 21st century. Computer Emergency Response Teams (CERTs) are established to support this task, primarily by providing the necessary response to cyber incidents. Over the years the role, tasks and responsibilities of a CERT have developed, especially in the area of national and governmental teams (n/g CERTs), due to the expansion of information handling into the virtual domain in our daily lives.

Apart from incident response as the core service, n/g CERTs provide many other very important services. An important task is cooperation with different partners at the national and cross-border level. The complexity of procedures, laws, processes and interests of different entities in the cyber world forces teams to focus on and increase their collaboration ambitions and capabilities.

Engagement in activities such as supporting the CERT community, saving time and resources (e.g. by applying lessons learnt from incident handling), using and developing tools, sharing information in general, or engaging in the (inter)national fight against cybercrime (such as cooperation with law enforcement) benefits not only the particular team, but the community as a whole.

Another example of "new" tasks of n/g CERTs lies in the area of protection of national critical information infrastructure (CIIP). This role varies from country to country and heavily depends on the respective national cyber security strategy (NCSS) and established practices. In some countries the n/g CERT has a more operational role (such as in Estonia or Austria). In other countries they pursue a more advisory role (like in the Czech Republic or Latvia).

How does cooperation work in practice?

There are many examples of successful national cooperation models, among others:

The Netherlands

The National Cyber Security Centre (NCSC) is a government initiative to centralise cyber security related tasks, and the Dutch n/g CERT has an important role to play here. The NCSC defines the integral approach and brings existing initiatives together. Ensuring digital security is the task of various parties and the NCSC acts as the link which binds together the different activities in the country.

Austria

The "Austrian Trust Circle" is an initiative of the national CERT (CERT.at) and the Austrian Federal Chancellery ("Bundeskanzleramt", BKA) and consists of Security Information Exchanges in the individual areas of strategic information infrastructure protection (CIIP). CERT.at offers, in cooperation with the governmental team (GovCERT Austria) and the BKA, a formal framework for practical information exchange and joint projects in the area of security.

Germany

In Germany many CERTs from many sectors are assembled in a formal cooperation network, the German "CERT-Verbund". Traditionally, there is close cooperation between the various teams to collect and prepare the information they need for their own work. Through the merger into the CERT-Verbund, this cooperation is provided on a consistent basis. However, the individual response teams in that network remain responsible for their respective target group (constituency). Other topics for collaboration in the CERT-Verbund are ensuring a common approach to the protection of national information technology networks, and reacting quickly and collectively to IT security incidents.

There are other aspects of collaboration which deserve attention: enabling new, freshly installed teams to quickly get up to speed with their services! ENISA plays a well-recognised role in this process by collecting good practice from established, mature teams and making it available to newcomers. However, it needs to be stressed again that support at the national level, especially when there are already well-established teams in a country, is absolutely crucial for success!

Some examples of national supporting initiatives are: The national team of the Czech Republic (CSIRT.CZ) helped to establish the governmental CERT (govCERT.CZ) in that country. The (de facto) national CERT in Poland (CERT-Polska) supported the establishment of the governmental team (govCERT.pl).

In general: good practice shows that in many countries the n/g CERT has an indispensable role in the development of national cyber security cooperation processes and operations.

It is one of ENISA's main tasks to support the CERTs and the CERT communities in Europe! It is important to stress that without the engagement of well-established and mature teams, which also actively provide support in day-to-day business, ENISA could not succeed in this! CERT.at, one of the most advanced teams in Europe, plays a crucial role here. Keep up the good work!

Austrian record at the European Cyber Security Month in October 2013


Symposium held as part of the European Security Month at the BKA on 8 October 2013

As a sign of European cooperation, the first European Cyber Security Month (ECSM) took place in October 2013, supported by ENISA and the European Commission. The main goals of this EU campaign are to raise citizens' basic awareness of how to use digital information and communication technologies in a security-conscious way, and to build awareness of network and information security as an important topic.

Besides Austria, 25 other states took part in the European Cyber Security Month. Accounting for roughly one fifth (20%) each of all participating organisations (13 of 69) and of individual activities and events (18 of 86), Austria was, as ENISA also acknowledged, the member state with by far the most contributions to this campaign. The focus areas in Austria ranged from information for citizens via the ICT security portal www.onlinesicherheit.gv.at, through symposia for SMEs and lectures and workshops at universities, to the presentation of a guide to support small and medium-sized municipalities in implementing measures to improve ICT security.


