MENU 
[wpseo_breadcrumb]
Within this theme, the GFCE facilitates dialogue, collaboration and information sharing on cyber capacity building as it relates to the topics of: national computer security incident response, cyber security exercises, and critical information infrastructure protection.
Working Group B on Cyber Incident Management & Critical Infrastructure Protection
The GFCE’s multistakeholder community comes together to share, shape and form knowledge on specific issues related to Cyber Incident Management and Critical Infrastructure Protection in Working Group B to:
This publication seeks to provide guidance in designing, developing and evaluating how and when to conduct a tabletop exercise as a tool to improve an organization’s cyber security policymaking and operations capacities. The guide aims to offer a public-private cross organizational scope. Therefore, it is not written from a strictly business point of view, but […]
Publication Date: October 21 2022The Cyber Incident Management (CIM) Cybil Portal Resources Guide is an initiative of the GFCE Working Group B CIM Task Force. The objective of this guide is to provide an overview of all the resources that are available for the CIM community on the Cybil Portal as of October 2022. By doing this, we hope […]
Publication Date: March 2 2022This white paper builds upon existing CNI/CII work within the GFCE and proposes some practical considerations and measures for how countries can develop approaches for identifying CNI/CII as part of their NCS development and implementation processes. The paper addresses three foundational elements related to CNI/CII identification in the context of NCS development. A fourth section […]
Publication Date: January 1 2022This report discusses the findings and recommendations of the “Cyber Incident Management in Low-Income Countries” project, funded by Global Affairs Canada. The project aims to create a tailorable guide for low-income countries to develop or improve their CSIRT capabilities in an affordable way to respond to the evolving cyber threat environment effectively.The report itself is […]
Publication Date: June 1 2021The purpose of this guide is twofold. Firstly, the framework supports the discussion on CIIP and the exchange of good practices by specifying the capacities that may be part of a CIIP approach. Secondly, it provides knowledge to policymakers on how to establish and maintain sustainable and efficient efforts to protect CII by outlining the […]
Publication Date: February 1 2020Capacity builders focus on their work in a number of different types of initiatives, from short-term maturity and capability assessments and technical training, to providing long-term engagement and advice. These projects often face challenges, which include a lack of awareness of other, existing initiatives, or lack of long-term funding which focuses on short term deliverables. […]
Publication Date: April 1 2021The Global CSIRT Maturity Framework is intended to contribute to the enhancement of global cyber incident management capacity, with a focus on national CSIRTs. Cyber incidents and developments are inherently transnational and effective response is dependent upon transnational collaboration. The establishment of national CSIRTs is an essential step to facilitate cyber capacity building both within […]
Publication Date: November 1 2019An infographic relating to the CIIP Capacity Framework.
Publication Date: October 22 2017Critical Information Infrastructure Protection (CIIP) is a complex but important topic for nations. Nations at large critically depend on Critical Infrastructure (CI) services such as energy supply, telecommunications, financial systems, drinking water, and governmental services. Information and communication technologies(ICT)-based services are becoming increasingly important for the functioning of CI. Disruption of information infrastructure is capable […]
Publication Date: October 30 2017The 2016 GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers (hereafter: 2016 GPG) outlined that Critical Information Infrastructure Protection (CIIP) is a complex but important topic for nations. By nature, CIIP is a national security topic in the sense that failure, disruption or destruction of Critical Information Infrastructure (CII) may cause […]
Publication Date: November 21 2017The unprecedented uptake of ICT worldwide leads to a growing dependency of economic sectors, public institutions and societies as a whole. Multiple recent outbreaks of hostage-taking software (ransomware) have shown the criticality of ICT for sectors such as transport and healthcare. Attention for the security and continuity of critical ICT is crucial to the well-being […]
Publication Date: November 21 2017Even the best cyber security posture and practices cannot guarantee that key organisations and information infrastructures within a nation will not be vulnerable to malware, software failures, human errors, and other mishaps. The cyber threat landscape changes rapidly. Cyber incidents occur on a daily basis and may be of cross-border, multinational and often even global […]
Publication Date: October 1 2017A statistics platform, featuring metrics and data visualisation, allows for the measurement of key indicators of malicious activity and risk conditions, and enables analytical insight about patterns, priorities, and trends for action. Such intelligence can be used by the CERT/CSIRT community, security sector, corporations, and organisations. If the metrics are regularly published in reports about […]
Publication Date: October 1 2017Internet networks are replete with systemic vulnerabilities. CERTs and other trusted operators require reliable information about their network’s health over time. Various organisations have set up systems to scan networks for vulnerabilities and/or monitor cyber-attacks. Many of these sources are open, but their provenance and collection processes are often opaque. To acquire a truly satisfactory […]
Publication Date: April 8 2015The purpose of this CSIRT Maturity Kit is to help emerging and existing Computer Security Response Teams (CSIRTs) to increase their maturity level. This is achieved by offering a set of best practices that cover CSIRT governance, organisation and operations. The document that is presented now provides a starting point to guide CSIRTs through this […]
tools
publications
CVD is a platform to GFCE members to share experiences and lessons learned in cyber security mechanisms for responsible disclosure or coordinated vulnerability disclosure policies and discussions on the broader topic of ethical hacking. Coordinated Vulnerability Disclosure (CVD) pertains to the mechanisms by which vulnerabilities are shared and disclosed in a controlled way. It provides […]
The GFCE-Meridian initiative aims to support government policy makers with responsibility for Critical Information Infrastructure Protection (CIIP) to understand the implications and consequences of cybersecurity issues and to maintain an awareness of current developments. By working together in a global initiative, the initiators leverage their CIIP expertise for the benefit of a broader audience to […]
The objective of the Cyber Security CSIRT Maturity Initiative is to provide a platform to GFCE members to help emerging and existing CSIRTS to increase their maturity level. The expertise includes the following: Initiated by the Netherlands, ITU, OAS, Microsoft, FIRST and open for others to join. Deliverables Documents
The CyberGreen initiative is a global non-profit and collaborative organization conducting activities focused on helping to improve the health of the global Cyber Ecosystem. CyberGreen will achieve this by providing reliable metrics, measurements, and mitigation best practices to Cyber Security Incident Response Teams (CSIRTs), network operators, and policy makers. These efforts will facilitate operational cleanup […]
Countries today face new and emerging challenges in cyber security that range from a constantly shifting threat landscape to managing multiple platforms and devices in the environment. The modern threat landscape has never been more challenging – driving tremendous costs and risk to the security of critical information. Security breaches can take 200+ days to […]
