RESTENA-CSIRT is coordinating security incident prevention, handling and response within its constituency.
These services are offered in reaction to an occurring security incident involving the constituency, be it detected by RESTENA-CSIRT staff, constituency's staff, or reported to the team by another CSIRT or third party.
- interpretation of incoming security incident reports, tracking and prioritizing them
- determination of the extent or scope of the security incident
- contact the involved organisation(s) to investigate the incident and take the appropriate steps
- notification of other involved parties on a need-to-know basis, as per the information disclosure policy
- facilitating contact with appropriate security teams and/or law enforcement officials if necessary
- making reports to other CSIRTs
- sending announcements to users (members of constituency), if applicable
RESTENA-CSIRT will not provide active security incident resolution service to its constituency but may offer advice on a case by case base.
These services aim to prevent incidents from happening and reduce their impact when they occur.
Awareness and Knowledge Building
- increase security awareness and knowledge among the constituents through articles, best practices, or any other information, in order to explain security best practices and provide advice on precautions to take
- schedule meetings and seminars to keep the constituency up-to-date
- collect statistics about incidents within the constituency