KM3 - Cyber diplomacy and international cooperation
KM4 - Cyber Incident Management
2 of 5

2.5. Commercial CSIRT

Commercial CSIRT offers managed security services to paying customers or organisations.  These organisations, in most cases, have limited resources in terms of funding and skilled personnel (expertise) to provide the full range of services required for a CSIRT or a SOC.  

To create consumer confidence in the services that commercial CSIRTs provides, it is recommended that these entities are regulated and certified based on international standards.

Resource

The French Network and Information Security Agency, Agence nationale de la sécurité des systèmes d’information (ANSSI), recognised that it could not support operators of critical infrastructure by itself and, therefore, established evaluation process allowing it to qualify private cybersecurity “Trust Service Providers’’ and products in the fields of:

– cybersecurity audit service providers (PASSI) 

– incident detection service providers (PDIS) 

– integration response services providers (PRIS)

– integration/architecture service providers (planned)

Case Study: The space for Commercial CSIRTS or Managed Security Service

Serianu’s Cyber Incident Response Team (CIRT) provides incident response and investigation, Remediation and technology support, managed threat detection and monitoring, security assessment and assurance, cyber risk quantification, training and awareness for African organisations. Serianu has a presence in Kenya, Uganda, Tanzania, Ethiopia, Nigeria, Ghana, Botswana and Lesotho.

New post

Your email address will not be published. Required fields are marked *

Post a comment
Skip to content