CSIRTs and CERTs
3. Legislative framework of CSIRT/CERT
3.4. SUMMARY
ℹ️
SUMMARY / MAIN OUTPUTS FROM THE CHAPTER
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (the NIS Directive) was adopted by the European Parliament.
- The NIS Directive
provides legal measures to boost the overall level of cybersecurity in
the EU by ensuring:
- Member States' preparedness, by requiring them to be appropriately equipped. For example, with a Computer Security Incident Response Team (CSIRT) and a relevant national NIS authority,
- cooperation among all the Member States, by setting up a Cooperation Group to support and facilitate strategic cooperation and the exchange of information among Member States.
- a culture of security across sectors that are vital for our economy and society and moreover rely heavily on ICTs, such as energy, transport, water, banking, financial market infrastructures, healthcare and digital infrastructure.
- The Member States have taken different approaches to implementing NIS.
- The
legislative framework of CSIRT/CERT teams in the Czech Republic is partly set
by the Cybersecurity Act. This act sets out the conditions for the existence of
the national and government CSIRT/CERT team, but on the other hand does not
restrict the establishment and existence of other CSIRT/CERT teams.
- Based on the Cybersecurity Act, two CERT/CSIRT teams, namely national and government, are compulsorily established in the Czech Republic. Each of these teams has the rights and obligations specified by law (Section 17 et seq. of the AoCS).
- The legislative framework of CSIRT/CERT teams in Poland
The Act of 5 July 2018 on the national cybersecurity system distinguishes 3 national CSIRTs:
o CSIRT GOV - Computer Security Incident Response Team operating at the national level, led by the Head of the Internal Security Agency
o CSIRT MON - Computer Security Incident Response Team operating at the national level, led by the Minister of National Defense
o CSIRT NASK - the Computer Security Incident Response Team operating at the national level, led by the Scientific and Academic Computer Network - National Research Institute
o Other than that the Act mentions the following actors of the national cybersecurity system:
o operators of essential services;
o digital service providers;
o CSIRT MON;
o CSIRT NASK;
o CSIRT GOV;
o sectoral cybersecurity teams;
o units of the public finance sector, referred to in article 1. 9 points 1-6, 8, 9, 11 and 12 of the Act of 27 August
o 2009 on public finances (Journal of Laws of 2017, item 2077 and of 2018, items 62, 1000 and 1366);
o research institutes;
o the National Bank of Poland;
o Bank Gospodarstwa Krajowego;
o the Office of Technical Inspection;
o Polish Air Navigation Services Agency;
o Polish Center for Accreditation;
o The National Fund for Environmental Protection and Water Management and provincial funds for environmental protection and water management;
o commercial companies performing public utility tasks within the meaning of Art. 1 clause 2 of the Act of December 20, 1996 on municipal management (Journal of Laws of 2017, item 827 and JoL of 2018, item 1496);
o entities providing cybersecurity services;
o cybersecurity competent authorities;
o Single Contact Point for cybersecurity;
o the Government Plenipotentiary for Cybersecurity;
o Cybersecurity College.
- The legislative framework of CSIRT/CERT teams in Portugal
🗝️
KEY WORDS TO REMEMBER
o cybersecurity
o CSIRT/CERT
o NIS directive
o ENISA
o Constituency
o National and government CERT/CSIRT
o Team collaboration
❓
KNOWLEDGE CHECK QUESTIONS
o Is there a hierarchy among CSIRT/CERT teams?
o How is the scope of activity of a CSIRT/CERT team defined?
o Who is the government CSIRT/CERT team?
o Who is the national CSIRT/CERT team?
o What are the roles and tasks of other CSIRT/CERT teams?
o How about the constituency of CSIRT/CERT teams in your country?