Results of the GOVCERT.NL project
GOVCERT.NL all started with the policy document KWINT. This document explains that the Internet has become an essential part of society within the Netherlands. It states that the Internet brings much value to the country and also stimulates an innovative culture and new business possibilities.
Its assets must therefore be protected.
The Dutch government, the Ministry of Interior and Kingdom Relations, took proactive steps. It started our CSIRT (GOVCERT.NL) to organise measures focused on the prevention of and response to ICT related security incidents.
Tips for setting up a CSIRT
In our experience, it has proven essential to have a good orientation on what kind of CSIRT you want to create. Our tips for this:
- Formulate your position by answering the following questions:
- 1.1 What kind of CSIRT do you need?
- 1.2 What is your constituency?
- 1.3 Are there services, tooling, staffing and methods already available? What kind of information is processed?
- 1.4 What do the interested parties expect, what kind of products are you going to deliver?
- 1.5 What does your environment look like, what other CSIRTS can you cooperate with?
- 1.6 What kind of organisations do you need?
- 1.7 What is your responsibility?
- 1.8 Who is your sponsor and what is the budget?
- Talk to people in the ICT-Security environment or hire qualified people to inform you.
- Use the normal information available to you from your work environment , business plans, business continuity plans, etc.
- Go to CSIRT meetings and symposia, such as:
- 1.9 First
- 1.10 APCERT
- 1.11 Terena-TF-CSIRT
- In The Netherlands you can join the O-IRT-O meetings (operational Incident Response Teams-overleg) by sending them a mail, see the shortcut in the 'Helpful Information' section. GOVCERT.NL hosts this meeting which brings together several types of the above mentioned CSIRTS. We discuss operational issues, share knowledge, give presentations and are launching our Dutch-CSIRTs web portal: http://www.cert.nl/
- In short: first gather as much information as you can.
Helpful information