This year, the IGF launched a Best Practices effort on the establishment of CERT teams for Internet Security. Over the last two months, three Lead experts supported by an independent consultant engaged with a community of participants from major stakeholder groups to exchange existing CSIRT development practices and discussed ways to further collaborate. A draft document was developed based on these initial discussions. The topics identified as part of this multi-stakeholder preparatory process will be further discussed and finalized during this 90 minute session.
CERT or CSIRT (Computer Security Incident Response Teams) are organizations of information security personnel who aim to address security incidents as they arise, whether at an organizational, pan-organizational or even national level. They follow defined processes, combined with engineering ingenuity, to ensure security incidents are properly identified, contained and remediated. By nature, many incidents have impact beyond the constituency of one CSIRT, and thus teams often partner with other teams, as well as with private sector, government, civil society and the technical community to protect users of the internet.
This round table session will cover the various opportunities and challenges involved in the establishment of Computer Emergency Response Teams to improve internet security.
Topics to be discussed will include the role of a CSIRT teams in private sector and government, what a “national CSIRT” truly means, and the high level collaboration processes involved in coordinating widespread incidents. As output of this session, a summary document will be published by the IGF, with recommendations and next-steps on topics ripe for further multi-stakeholder debate between the technical community, government, civil society and private sector.
The session will be led by lead experts Christine Hoepers (of CERT.br), Adli Wahid and Maarten Van Horenbeeck (of FIRST) and supported by UN consultant Wout De Natris. We strongly invite participants from all stakeholder groups to attend the session and contribute. No technical experience in the CSIRT community is required, though we recommend making yourself familiar with the preparatory document shared on the IGF web site to be prepared for the discussion.