CERT-UA assessment based on the CSIRT ENISA Maturity Model

Authors

DOI:

https://doi.org/10.30837/rt.2023.2.213.04

Keywords:

CERT-UA, CSIRT, CSIRT ENISA maturity model, maturity assessment, incident response

Abstract

Cybersecurity threats are steadily increasing in today's world, which is characterised by increased openness and integration into the global network. The proliferation of cyber incidents, including hacker attacks, confidential data leaks and information theft, is becoming an extremely pressing issue in this context. Accordingly, the eradication of these threats requires the development of effective methods of responding to cyber incidents. The central theme of this article is to consider the critical importance of assessing and improving the effectiveness of cyber incident response teams. The structure of such a team, including cybersecurity specialists, network engineers, analysts, etc., is aimed at identifying, analysing and overcoming threats in cyberspace. The key aspects of assessing such a team, like abilities, experience, communication skills and level of cooperation, are presented clearly through the prism of the updated ENISA CSIRT Maturity Model. The article uses the Computer Emergency Response Team in Ukraine (CERT-UA), a national team operating under the leadership of the State Service for Special Communications and Information Protection of Ukraine, to illustrate the methods of assessing a cyber incident response team. The assessment of the team, based on the ENISA CSIRT Maturity Model, points to key aspects that determine its effectiveness. The paper provides a clear view of the process of measuring cyber incident response teams through a systematic approach that identifies their strengths and weaknesses. The maturity analysis of the CERT-UA provides recommendations for further development of the team, which can be an important resource for academics, cybersecurity experts and government officials interested in improving the effectiveness of cyber threat response. It highlights the importance of assessing cyber incident response teams to ensure cybersecurity and information protection. Awareness of this issue contributes to continuous improvement and readiness to respond effectively to growing challenges in the modern digital environment.

References

ENISA CSIRT Maturity Framework – Updated and improved, ENISA, Feb. 23, 2022. [Електронний ресурс]. Режим доступу: https://www.enisa.europa.eu/publications/enisa–csirt–maturity–framework.

CERT–UA, cert.gov.ua. [Електронний ресурс]. Режим доступу: https://cert.gov.ua/.

SIM3 : Security Incident Management Maturity Model – Open CSIRT Foundation. Mar. 30, 2015. [Електронний ресурс]. Режим доступу: https://opencsirt.org/csirt–maturity/sim3–and–references/.

ENISA CSIRT maturity assessment model. ENISA, Apr. 30, 2019. [Електронний ресурс]. Режим доступу: https://www.enisa.europa.eu/publications/study–on–csirt–maturity.

ENISA Maturity Evaluation Methodology for CSIRTs. ENISA, Apr. 09, 2019. [Електронний ресурс]. – Режим доступу: https://www.enisa.europa.eu/publications/study–on–csirt–maturity–evaluation–process.

SIM3v2i self–assessment tool. ENISA. [Електронний ресурс]. Режим доступу: https://www.enisa.europa.eu/topics/incident–response/csirt–capabilities/csirt–maturity/sim3–v2i.

FIRST – Improving Security Together. FIRST – Forum of Incident Response and Security Teams. [Електронний ресурс]. Режим доступу: https://www.first.org/.

Published

2023-06-16

How to Cite

Peliukh, O., Yesina, M., & Holubnychyi, D. (2023). CERT-UA assessment based on the CSIRT ENISA Maturity Model. Radiotekhnika, 2(213), 41–48. https://doi.org/10.30837/rt.2023.2.213.04

Issue

Section

Articles