Working Group B: Cyber Incident Management and Critical Infrastructure Protection
About Working Group B
Cyber incident Management and Critical infrastructure Protection has been endorsed by the GFCE community in the Delhi Communiqué as one of the five prioritized themes for cyber capacity building to improve capacities that allow nations to respond to and recover from cyber incidents in a timely and efficient manner.
GFCE Working Group B has two taskforces:
- TF CIM worked on Global CSIRT Maturity Framework
- TF CIIP worked on a CIIP Capacity Framework.
Table of Contents
News and Updates
The leadership of TF Cyber Incident Management (TF CIM) changed in 2021 as Maarten van Horenbeeck stepped down and Vilius Benetis joined Marc Henauer as TF lead in November.
In 2021, the Task Force on Cyber Incident Management (CIM) concentrated its efforts in developing two key deliverables: the Global CSIRT Maturity Framework (GCMF) and the Getting Started with a National CSIRT Guide.
The Task Force on Critical Information Infrastructure Protection (CIIP) has focused on developing three major deliverables in 2021: a Guide for the Process of Identifying Critical National Infrastructures (CNI) and Critical Information Infrastructures (CIIP), the GFCE and the Meridian Cooperation Project and the GFCE CIIP Capacity Framework.
Reports and Deliverables
The Task Force on Cyber Incident Management (CIM) has concentrated its efforts in developing two key deliverables. It has updated the Global CSIRT Maturity Framework (GCMF) with the aim of stimulating the development and maturity enhancement of national CSIRTs. . It has also completed the Getting Started with a National CSIRT Guide. This guide is meant for anyone who wants to learn more about setting up
a national CSIRT (nCSIRT).
The Task Force on Critical Information Infrastructure Protection (CIIP) has focused on developing three major deliverables in 2021:
First, the joint project between the Task Force on Strategy & Assessments from Working Group A and the Task Force on Critical Information Infrastructure Protection (CIIP) on Developing a Guide for the Process of Identifying Critical National Infrastructures (CNI) and Critical Information Infrastructures (CIIP). The aim of this project is to provide GFCE Community with a tool to support them in their National Cybersecurity Strategy (NCS) lifecycle.
Second, the Task Force is also helping develop the GFCE and the Meridian Cooperation Project. This project aims to bring together the GFCE and the Meridian communities, particularly in contributing expertise and experience on Critical Information Infrastructure Protection.
Third, with the aid of The Netherlands and TNO the Task Force developed the GFCE CIIP Capacity Framework. This framework supports the discussion on CIIP and the exchange of good practices by specifying the capacities that may be part of a CIIP approach, while at the same time provides knowledge to policymakers on how to establish and maintain sustainable and efficient efforts to protect CII by outlining the required capacities.
In 2020, the TF CIM started working in three project teams on separate deliverables: 1) National CSIRT Career Path; 2) Phase 0 CERT; and 3) Next phase for the CSIRT Maturity Framework. The TF CIIP worked in 2020 on assisting Senegal with its clearing house request for support on their CIIP and is additionally looking for ways to cooperate closely with the Meridian community (a CIIP community).
Details of work done by Working Group B can be found in GFCE Annual Report 2020.
Ambitions for Working Group B in 2021 can also be found in the Working groups Workplan.
Throughout 2019, the TF CIM worked on Global CSIRT Maturity Framework whilst the TF CIIP worked on a CIIP Capacity Framework. During the GFCE Annual Meeting 2019 in Addis Ababa, both Task Forces organized workshops with an African focus for the beneficiary community.
The Working Group split into two Task Forces during the GFCE Annual Meeting 2018 in Singapore.
Contributions to Cybil Knowledge Portal
WG B has identified 18 tools and 19 publications to help members, which can be found at www.CybilPortal.org