GFCE Cybersecurity Knowledge Modules

KM3 - Cyber diplomacy and international cooperation
Module objectives
1. Risks for international peace and cyber-stability
3 Topics
1.1 Cyber-attacks and geopolitics
1.2 Cyber as part of hybrid warfare
1.3 Cyber-armament
2. Towards an international agreement
4 Topics
2.1. Framework for responsible state behaviour in cyberspace
2.2. Applicability of international law
2.3. Norms, confidence building measures, and capacity building
2.4 Broader context
3. International cooperation
4 Topics
3.1. The United Nations
3.2. Other multilateral forums
3.3. Regional efforts
3.4. Multistakeholder efforts
4. Cyber diplomacy
5. Main takeaways
6. Assignment
1 Quiz
KM3 Quiz
KM4 - Cyber Incident Management
Module objectives
1. Introduction
2. Types of Cyber Incident Response Teams
5 Topics
2.1. National Computer Security Incident Response Team
2.2. Product Security Incident Response Team
2.3. Sector CSIRTs
2.4. Security Operation Centre
2.5. Commercial CSIRT
3. What needs to be considered when establishing a National CSIRT?
2 Topics
3.1. CIRT framework
3.2. How to set up CSIRT and SOC
4. How to assess cyber incident readiness
3 Topics
4.1. Security Incident Management Maturity Model (SIM3)
4.2. Security Operation Centre Capability and Maturity Model (SOC-CMM)
4.3. CSIRT Maturity – Self-assessment Tool
5. Which services do the CSIRTs offer?
2 Topics
5.1. FIRST CSIRT services framework
5.2. ITU-T Recommendation X.1060 service categories
6. Who does the CSIRT serve?
7. Which Tools does a CSIRT need?
8. Policies, frameworks, and guidelines
9. Resourcing and funding a CSIRT
1 Topic
9.1. What does a CSIRT Budget look like?
10. CSIRT capabilities
3 Topics
10.1. Training and certification
10.2. Auditing
10.3. Cyber drills
13. Main takeaways
14. Assignment
1 Quiz
KM4 Quiz
2 of 5
Previous Topic
Next Topic

2.3. Sector CSIRTs

GFCE Cybersecurity Knowledge Modules 2. Types of Cyber Incident Response Teams 2.3. Sector CSIRTs

According to the Carnegie Mellon University SEI: CSIRT Sector Framework, ‘’Sector CSIRTs are responsible for facilitating incident response and management for a particular sector or subset of a country or economy (e.g. financial, energy, or government).   Also referred to as sectoral CSIRTs, sector-based Cybersecurity Centers, Sector CERTs or Information Sharing and Analysis Centers (ISACs), they are uniquely adapted, specialised incident response teams […] that have the advantage of bridging the gap between public and private sectors, and providing a mechanism or platform for cooperation, information sharing, and trust building’’.

Case Study: Sector CSIRTs in Africa

Tunisia: The Financial CERT offers security services to the Tunisian financial sector. These services include monitoring, incident management, threat intelligence, and sensitisation.  The Financial CERT is a member of FIRST.

Egypt: EG-FinCIRT was set up by the Central Bank of Egypt in line with the bank’s strategy to move towards a less-cash economy, support fintech applications and financial inclusion. According to the Central Bank of Egypt, Economic Review Vol. 60 No. 4 2019/2020, EG-FinCIRT provides incident response, proactive monitoring, and analysis of information security incidents to the financial sector with a significant human capital investment made to support these functions.

Ghana: The NCA-CERT was established by the National Communications Authority, the regulator for the communications industry, to respond to incidents within the communications Sector.

The primary constituency of NCA-CERT is licensed operators within the communications sector and their subscribers. It provides a platform for information sharing and coordinates incidents within the communications sector 

The CERT works with its constituents to infuse cyber security best practices into its regulatory and licensing regimes, while providing services including Incident Management, Analysis, Information Assurance, Situational Awareness, Communications and Outreach, Capability Development, Research and Development.

Previous Topic
Back to Lesson
Next Topic

New post

Your email address will not be published. Required fields are marked *

Post a comment
Skip to content