Capacity building in cybersecurity

National and internal CSIRT establishment

Having the ability and capabilities to respond and manage cyber security incidents is no longer an option in today’s word. The governments must have organizations, known as CSIRTs (Cyber Security Incident Response Teams) that can effectively manage and mitigate cyber security incidents, conduct incident analysis, provide information assurance and situational awareness services.

National CSIRT capabilities to detect and systematically handle cyber security incidents also build confidence in country’s private and public digital services.

Based on international best practice, a Government CSIRT should:

  •  Provide incident detection and handling services to the Government;
  • Play a role in the protection of Critical Information Infrastructure;
  • Be the designated governmental point of contact for cyber security issues;
  • Be a member of international CSIRT communities (such as FIRST, TI).

Due to their nature of their business, some medium and large organizations also want to have their own cyber or computer security incident prevention and response capabilities.

Our highly qualified and experienced team guides you through the entire CSIRT establishment process to help you build a computer security incident response team that suites your organization‘s unique needs and requirements.

Using internationally recognized CSIRT practices, we will guide you through CSIRT documentation process, help you select right services, build proper organizational structures, define appropriate roles and responsibilities, select right people, information technologies and equipment, define network design, provide necessary training, define operational procedures and establish partnerships with other cyber security players.

 

Open source intelligence (OSINT)

The amount of public data contained in cyberspace is growing fast and it is becoming difficult for organisations to manually detect and handle all of the relevant information.

Various search engines can find a lot of publicly available information about a certain company, individual, group, or even a country. However, traditional search engines that scan links, such as, for example, Google, do not always reach the required information. In addition, manual detection of relevant information in public sources, especially when there is a lack of information processing skills, is inefficient and expensive.

In government institutions analysis of publicly available information (government reports, budgets, meeting minutes, newspapers, magazines, radio, TV, websites, blogs, forums, social networks, etc.) is often referred to as open source intelligence (OSINT). Mature business organizations also use digital surveillance instruments for reputation management, business intelligence, market and competition analysis, intellectual property and brand protection as well as monitoring of distribution channels.

Digital surveillance helps organizations understand and manage digital risk, detect unwanted material that appears on the Internet and make decisions based on the domain of structured and unstructured information. With digital surveillance tools organisations reduce time expenditure and cost, reach new sources of information and make better use of them.

Please contact us for more information about digital surveillance technologies and services.

Training and Awareness

Even though major data breaches have hit the headlines worldwide, highlighting increased need for skilled security professionals and service providers, many organisations still rely on ad hoc, manual processes. Popular excuses are: “my organisation/business is not a target”, “the bad guys are too effective and cannot be stopped”, “someone else (e. g. national CERT) should take care of this”, “cybersecurity is too expensive”, etc.

Information security managers are confused about what to do, executive management often fails to recognize the impact of cyber security on business processes, and therefore risk damaging organisations’ data, assets and reputation.

In order to assist organisations in overcoming these burdens and developing practical cyber security skills, NRD companies have been organising annual Cyber Defence conferences in Europe and East Africa for the last four years.

The conference serves as a knowledge sharing, networking and capacity building platform, aimed to address cyber security issues and bring together the Government, the ICT Industry and Academia in efforts to create a better and more secure digital environment for the states, governments, businesses and citizens.

In Europe, the cyber defence conference usually takes place in Vilnius, Lithuania in October – in commemoration of the European Cyber Security Month as announced by ENISA.

In East Africa, the first three conferences took place in Tanzania and were organised together with ISACA Tanzania Chapter in years 2013 and 2014, and in cooperation with Tanzania Communications Regulatory Authority (TCRA) in 2015. In 2016, in order to widen the reach of this initiative and recognising Uganda's commitment to increasing cyber security in the country, it was decided to organise Cyber Defence East Africa 2016 in Kampala, in cooperation with NITA-U.

More information on the Cyber Defence East Africa conferences can be found here: www.cybersecurity.ug

Related insights