What is CERT.be?
The federal Cyber Emergency Response Team, in short CERT.be, is the operational service of the Centre for Cyber Security Belgium (CCB). The task of CERT.be is to detect, observe and analyse online security problems and to provide continuous information about these problems.
CERT.be delivers reactive services, proactive services and services related to the management of security quality in the cyber security domain.
Cyber security refers to all measures that ensure the confidentiality, availability and integrity of Information and Communication Technologies (ICT). This involves technical security measures, but also measures that raise user awareness of secure internet use.
What services do we deliver?
Reactive services offer a response to every cyber threat or attack. Reactive services include reports and warnings, incident management, vulnerability management and artefact analysis.
Proactive services improve infrastructure and security procedures before an incident takes place or is detected. This includes announcements, technological surveillance, detection, observation and analysis of security problems, safety audits, penetration tests, and publishing information about cyber security.
Management of security quality
With this we aim to generally improve security through awareness-raising and training.
Who do we deliver our services to?
Providers of essential services and critical infrastructure: energy, transport, banks, healthcare, provision and distribution of drinking water, and digital infrastructure.
Providers of essential public services: the government services that are essential for Belgium's residents.
Administrative authorities: the ICT infrastructure of Belgium's public authorities.
Businesses: Businesses that do not provide essential services can also benefit from a limited number of services from CERT.be.
The general public: the general public is part of the target group but does not have access to all the services provided by CERT.be.
The role of CERT.be in the cyber emergency plan
The cyber emergency plan is a guideline for cyber incidents and crises. It describes the tasks of the various services within their legal and regulatory powers.
CERT.be fulfils various functions within the cyber emergency plan:
- After receiving an incident report, CERT.be conducts an expert evaluation and determines the seriousness of the incident.
- In a national cyber security incident, CERT.be plays a coordinating role and informs the operators of critical infrastructure or other entities. CERT.be records the incident, concludes the recording and then makes a report about it.
- A national cyber security crisis is handled by CERT.be under the coordination of the crisis centre and the CCB.
- To prepare itself for potential cyber incidents and crises, CERT.be regularly takes part in national and international cyber exercises.
As a public service, the existence of CERT.be is governed by many official documents - Royal Decrees, decisions of the Council of Ministers, etc. - and internal documents. The CERT charter is the public version of these documents, which form the foundation of CERT.be. This charter contains the vital elements from these non-uniform documents and brings them together in a single document that is intended for CERT.be peers and for everyone that wants to use our services.
Service Definition Document
The Service Definition Document is an English-language document in which our CERT services are officially described according to the recommendations of the Internet Engineering Task Force (link to http://www.ietf.org/rfc/rfc2350.txt) and Trusted Introducer (link to http://www.trusted-introducer.org), which is supported by the European CERT community.