The Global Cyber Security Center has developed a new tool named CERTrating to evaluate the maturity level of CERT/CSIRT. Read on to know more…
In recent years, numerous cyber-attacks have occurred globally, which has confirmed that cybersecurity is a highly complex challenge and a priority for all organizations, both in terms of development and investment.
Computer Emergency Response Teams (CERTs) are one of the main pillars and the first line of defense for cybersecurity in any country. Since 1993, CERTs have impacted communities across the world by helping them build the skills and capabilities to prepare for and respond to cyberattacks. They address a cyberthreat or attack in four stages: identifying, preventing, responding to, and resolving the threat. These organizations’ main aim is to develop and disseminate knowledge and awareness about cybersecurity.
The Global Cyber Security Center (GCSEC), a not-for-profit foundation of the Italian postal service provider Poste Italiane, has developed a new tool named CERTrating to evaluate the maturity level of CERTs/CSIRTs. The idea of a tool that can help CERTs/CSIRTs arose from the need to understand how mature companies are in delivering CERT services.
CERTrating is designed to help CERTs understand and evaluate their maturity level and that of the services they provide to their constituencies. It is based on the capability maturity model designed by the European Union Agency for Cybersecurity (ENISA) for CERTs. This maturity model is one of the methods that can be used to understand how and where investments must be directed, and how much effort should be made in terms of time and resources to become more resilient. CERTrating classifies maturity at three levels: Basic, Intermediate or Advanced.
Measuring Maturity Levels
CERTrating follows the SIM3 maturity model, which covers four quadrants: (O) Organization, (H) Human, (T) Tools and (P) Processes. To measure the maturity level of each question in all of the quadrants, CERTrating uses the original SIM3 capability maturity model and lets users answer each question on an increasing maturity scale (from 0 to 4):
• 0 = not available / undefined / unaware
• 1 = implicit
• 2 = explicit, internal
• 3 = explicit, formalized on the authority of CERT/CSIRT head
• 4 = explicit, audited on the authority of governance levels above the CERT/CSIRT head
Apart from reporting the maturity level of a CERT and each of its services, CERTrating also provides recommendations that can be followed to raise the level of maturity to an optimal position.
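To make the scale concrete, the following added example (not CERTrating's own code) scores a set of SIM3-style answers, summarises each quadrant, and turns the shortfall against a target profile into a prioritised recommendation list. The parameter names, the sample answers and the Basic/Intermediate/Advanced profiles are constructed assumptions, not ENISA's real thresholds.

```python
# SIM3-style maturity scoring as described for CERTrating. Added example, not
# CERTrating's code; parameter names, tier profiles and answers are constructed.
from collections import defaultdict

QUADRANTS = {"O": "Organization", "H": "Human", "T": "Tools", "P": "Processes"}
SCALE = {0: "not available / undefined / unaware", 1: "implicit",
         2: "explicit, internal",
         3: "explicit, formalized on the authority of CERT/CSIRT head",
         4: "explicit, audited on the authority of governance levels above the CERT/CSIRT head"}

def validate(answers):
    """Every parameter must be named <quadrant>-<n> and scored 0..4."""
    for param, score in answers.items():
        if len(param) < 3 or param[0] not in QUADRANTS or param[1] != "-":
            raise ValueError(f"unknown parameter {param!r}")
        if score not in SCALE:
            raise ValueError(f"{param}: score {score!r} outside 0-4")

def quadrant_summary(answers):
    """Per-quadrant (minimum, mean); the minimum is the binding weakness."""
    validate(answers)
    by_q = defaultdict(list)
    for param, score in answers.items():
        by_q[param[0]].append(score)
    return {q: (min(s), round(sum(s) / len(s), 2)) for q, s in sorted(by_q.items())}

def gaps(answers, target):
    """Parameters below a target profile, largest shortfall first, so the list
    doubles as a prioritised set of improvement recommendations."""
    validate(answers)
    found = [(p, answers.get(p, 0), need) for p, need in target.items()
             if answers.get(p, 0) < need]          # unanswered counts as level 0
    return sorted(found, key=lambda g: g[2] - g[1], reverse=True)

def tier_reached(answers, tiers):
    """Highest tier whose whole profile is met; tiers are ordered (name, profile)."""
    reached = None
    for name, profile in tiers:
        if gaps(answers, profile):
            break
        reached = name
    return reached

# Constructed sample answers and tier profiles (assumed, not ENISA's real thresholds).
SAMPLE_ANSWERS = {"O-1": 3, "O-2": 2, "H-1": 1, "H-2": 2, "T-1": 2, "T-2": 0, "P-1": 3, "P-2": 1}
SAMPLE_TIERS = [
    ("Basic", {"O-1": 2, "H-1": 1, "T-1": 1, "P-1": 2}),
    ("Intermediate", {"O-1": 3, "O-2": 2, "H-1": 2, "T-1": 2, "T-2": 1, "P-1": 3}),
    ("Advanced", {"O-1": 4, "O-2": 3, "H-1": 3, "H-2": 3, "T-1": 3, "T-2": 3, "P-1": 4, "P-2": 3}),
]
```

With the sample data the team reaches only "Basic"; `gaps(SAMPLE_ANSWERS, SAMPLE_TIERS[1][1])` names the two parameters (H-1 and T-2) holding it back from "Intermediate".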
According to ENISA, “by adopting the proposed approach, the [CERT] CSIRT Network will have immediate access to a clearly laid out CSIRT maturity improvement process, that is both implementable and sustainable. A growth path is suggested that reaches basic level within one year, intermediate two years later and advanced another two years later: a total of five years maximum. Basic level already allows a minimum of successful co-operation between teams on incident handling, the higher levels are needed to allow the members of the CSIRT network to interact on all levels, including pro-actively…”