[Bp_certs] About types of CERTs

Damir Rajnovic gausix at gmail.com
Thu Jul 31 02:43:03 EDT 2014 

Hi Rohana,

I would say that government of a particular country designate
who is the national CERT. The government would simply point
to a team and say "you are national CERT" and give them their
marching orders. The government would then define who would be 
constituency and what services the national team would provide.

Simply as that - they are created by fiat.

Gaus



On Thu, Jul 31, 2014 at 10:44:48AM +0530, Rohana Palliyaguru wrote:
> Dear all,
> 
> In this discussion we have considered several key factors when  defining
> ¨National CERT¨. I tried to summarize them as follows...
> 
> 1. By means of constituency
> 
> The constituency of the National CERT will be Public sector, Private
> sector and the general Public. But it does not mean that the ¨National
> CERT¨ can resolve all their problems. There can be CERTs targeting
> specific constituency (eg: ISPs, Banks etc)
> 
> OR
> 
> Whose constituency are Networks/organizations/assets of National
> importance. which also does not mean that it can resolve all of their
> problems.
> 
> In this case there may be several National CERTs which will contradict
> with 3 below (By means of POC).
> 
> 2. By means of Product
> 
> What CERT is producing? what are their services? who is the constituency
> for those services? Whether they are being trusted by their constituency
> for their services etc. matters this definition.
> 
> In this case also there may be several National CERTs which will
> contradict with 3 below (By means of POC).
> 
> 3. By means of POC
> 
> National CERT would be the national POC of that particular country. As
> Cristine said
> 
> /There is no right or wrong about who hosts a National CSIRT, or which //services it should provide.  Each country will need // to identify what works best in its case, as well as consider other
> //issues like services, funding, local internet governance structure and //cultural issues, among other factors that might impact the decision./
> 
> The national POC will coordinate with all other CERTs/CSIRTs in that
> country to resolve the issues
> related to their country whenever required. The very first contact point
> for that country may be their National CERT. But it does not mean that
> anybody can not contact any other CERT/organization in that country if
> they required their help.
> 
> The problem here is who define the National CERT (POC) of a particular
> country? Is it by then government OR by any other body?
> 
> If we can have a combination of the above definitions to define
> ¨National CERT¨ it would be ideal.
> 
> 
> regards,
> 
> -- 
> Rohana Palliyaguru
> Manager Operations & Principal Information Security Engineer
> Sri Lanka CERT|CC
> Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka.
> Tel : +94 112 691 692      Fax: +94 112 691 064
> e-mail: rohana at cert.gov.lk   Website: www.cert.gov.lk 
> 

> _______________________________________________
> Bp_certs mailing list
> Bp_certs at intgovforum.org
> http://mail.intgovforum.org/mailman/listinfo/bp_certs_intgovforum.org


==============
Damir Rajnovic <gausix at gmail.com>
Telephone: +44 7825 049 500
==============
There are no insolvable problems. 
The question is can you accept the solution? 


Incident Response and Product Security
http://www.ciscopress.com/bookstore/product.asp?isbn=1587052644

More information about the Bp_certs mailing list