[Bp_certs] About types of CERTs

Carlos M. Martinez carlos at lacnic.net
Wed Jul 16 13:25:18 EDT 2014


Hello all,

Two very common misconceptions that I've found are that CSIRTs should:

(a) have some sort of exclusivity over a certain constituency and,
(b) be arranged in some sort of top-bottom hierarchy with lower-level
CSIRTs reporting to higher-level CSIRTs all the way up to a single
'national CSIRT'

Events like the IGF can help a lot in dispelling these myths / urban
legends.

warm regards

-Carlos

On 7/15/14, 8:36 PM, Cristine Hoepers wrote:
> Dear all,
>
> First of all, thanks for the interest in the IGF CERTs BPF!
>
> I would like to share some thoughts, considering discussions I
> participated in at previous IGF and pre-IGF events, and the discussion
> that took place in the mailing list a few days ago, about CSIRTs with
> national responsibility (in short "National CSIRTs" or "National
> CERTs"), which has also brought a little bit of discussion about other
> types of CSIRTs.
>
> There is no right or wrong about who hosts a National CSIRT, or which
> services it should provide.  From experience, each country will need
> to identify what works best in its case, as well as consider other
> issues like services, funding, local internet governance structure and
> cultural issues, among other factors that might impact the decision.
>
> Also, several countries have more than one National CSIRT, and the
> number is growing each year.  In the last National CSIRTs meeting,
> about 2 weeks ago, there was a very interesting discussion about the
> future of National CSIRTs and their role.  In this panel there was an
> agreement that National CSIRTs are teams whose constituencies are
> networks/organizations/assets of National importance, and that the
> number of such teams tends to increase.
>
> I would like to share some examples of National CSIRTs that are
> operated by different stakeholders -- note that the focus of the
> information is to give examples of different hosting organizations, not
> the constituency served by each team:
>
> - CERT.br - is operated by NIC.br, a not-for-profit organization that
>   implements the decisions and projects defined by the Brazilian
>   Internet Steering Committee - CGI.br.  And CGI.br is the
>   multi-stakeholder internet governance body in Brazil.  All funding
>   comes from <.br> domain name registration.
>
> - CERT.PL (previously CERT Polska) - is operated by NASK (Research and
>   Academic Computer Network), a research institute which conducts
>   scientific studies, operates the national .pl domain registry and
>   provides advanced IT services.
>
> - JPCERT/CC - is an independent non-profit organization.
>
> - CARICERT - is sponsored by the Curaçao Bureau Telecommunication and
>   Post (BT&P).
>
> - Egyptian CERT - is operated by the Ministry of Communications and
>   Information Technology.
>
> - CERT-EE - operated by the Estonian Information System Authority
>   (RIA), a subdivision of the Estonian Ministry of Economic Affairs
>   and Communications.
>
> A more complete list of CSIRTs that have responsibility for an economy
> or a country can be found here:
> http://cert.org/incident-management/national-csirts/national-csirts.cfm
>
> I'll not make this e-mail even longer, but there are CSIRTs in many
> different organizations, with different missions and services.  The
> most important of all is that these CSIRTs work in cooperation to make
> the Internet more stable and secure.  A list of teams that are members
> of FIRST (the Forum of Incident Response and Security Teams) can be
> found here: http://first.org/members/teams
>
> I personally think the work of the CERT BPF is a great opportunity for
> us all to share experiences, best practices, questions, case studies,
> but most of all it is a great opportunity for us to identify
> challenges and try to find a way to start answering the open
> questions.
>
>
> Best regards,
> Cristine
>
> --
> Cristine Hoepers, D.Sc.
> General Manager
> CERT.br/NIC.br
> http://www.cert.br/
