GFCE Cybersecurity Knowledge Modules

KM3 - Cyber diplomacy and international cooperation
Module objectives
1. Risks for international peace and cyber-stability
3 Topics
1.1 Cyber-attacks and geopolitics
1.2 Cyber as part of hybrid warfare
1.3 Cyber-armament
2. Towards an international agreement
4 Topics
2.1. Framework for responsible state behaviour in cyberspace
2.2. Applicability of international law
2.3. Norms, confidence building measures, and capacity building
2.4 Broader context
3. International cooperation
4 Topics
3.1. The United Nations
3.2. Other multilateral forums
3.3. Regional efforts
3.4. Multistakeholder efforts
4. Cyber diplomacy
5. Main takeaways
6. Assignment
1 Quiz
KM3 Quiz
KM4 - Cyber Incident Management
Module objectives
1. Introduction
2. Types of Cyber Incident Response Teams
5 Topics
2.1. National Computer Security Incident Response Team
2.2. Product Security Incident Response Team
2.3. Sector CSIRTs
2.4. Security Operation Centre
2.5. Commercial CSIRT
3. What needs to be considered when establishing a National CSIRT?
2 Topics
3.1. CIRT framework
3.2. How to set up CSIRT and SOC
4. How to assess cyber incident readiness
3 Topics
4.1. Security Incident Management Maturity Model (SIM3)
4.2. Security Operation Centre Capability and Maturity Model (SOC-CMM)
4.3. CSIRT Maturity – Self-assessment Tool
5. Which services do the CSIRTs offer?
2 Topics
5.1. FIRST CSIRT services framework
5.2. ITU-T Recommendation X.1060 service categories
6. Who does the CSIRT serve?
7. Which Tools does a CSIRT need?
8. Policies, frameworks, and guidelines
9. Resourcing and funding a CSIRT
1 Topic
9.1. What does a CSIRT Budget look like?
10. CSIRT capabilities
3 Topics
10.1. Training and certification
10.2. Auditing
10.3. Cyber drills
13. Main takeaways
14. Assignment
1 Quiz
KM4 Quiz
2 of 5
Previous Topic
Next Lesson

2.5. Commercial CSIRT

GFCE Cybersecurity Knowledge Modules 2. Types of Cyber Incident Response Teams 2.5. Commercial CSIRT

Commercial CSIRT offers managed security services to paying customers or organisations.  These organisations, in most cases, have limited resources in terms of funding and skilled personnel (expertise) to provide the full range of services required for a CSIRT or a SOC.  

To create consumer confidence in the services that commercial CSIRTs provides, it is recommended that these entities are regulated and certified based on international standards.

Resource

The French Network and Information Security Agency, Agence nationale de la sécurité des systèmes d’information (ANSSI), recognised that it could not support operators of critical infrastructure by itself and, therefore, established evaluation process allowing it to qualify private cybersecurity “Trust Service Providers’’ and products in the fields of:

– cybersecurity audit service providers (PASSI) 

– incident detection service providers (PDIS) 

– integration response services providers (PRIS)

– integration/architecture service providers (planned)

Case Study: The space for Commercial CSIRTS or Managed Security Service

Serianu’s Cyber Incident Response Team (CIRT) provides incident response and investigation, Remediation and technology support, managed threat detection and monitoring, security assessment and assurance, cyber risk quantification, training and awareness for African organisations. Serianu has a presence in Kenya, Uganda, Tanzania, Ethiopia, Nigeria, Ghana, Botswana and Lesotho.

Previous Topic
Back to Lesson
Next Lesson

New post

Your email address will not be published. Required fields are marked *

Post a comment
Skip to content