Collaboration among European Computer Security Incident Response Teams (CSIRTs) has become essential in Europe’s Cybersecurity strategies.
Recently, the European Commission has selected a tender for funding under the call “Connecting Europe Facility – Cybersecurity Digital Service Infrastructure Maintenance and Evolution of Core Service Platform Cooperation Mechanism for CSIRTs – MeliCERTes Facility” (SMART 2018/1024).
The winner is a strong consortium stemming from the CSIRTs community. Poland’s national Computer Emergency Response Team (NASK/CERT.pl) will coordinate the work of the consortium supported by four partners, the Austrian Computer Emergency Response Team (nic.at/CERT.at), the Estonian Information System Authority (CERT.EE), the Computer Incident Response Center Luxembourg (CIRCL) and Deloitte. They will work together to further develop and maintain the MeliCERTes platform offering sustainable services and collaboration tools to EU CSIRTs.
Building on the services provided by the initial MeliCERTes platform and now hosted by the EU Cybersecurity Agency, ENISA, the new grant will cover:
· The implementation of a collection of open source tools used, developed and maintained by the CSIRTs themselves, with the primary goal of providing services for their own constituency.
· Improvement of the existing foundation as bootstrapped in MeliCERTes into long-term maintainable and a more operationalised platform, meant to support the cooperation efforts within the CSIRTs Network.
· Apart from maintenance and development of the key components of MeliCERTes, such as MISP and IntelMQ, fresh ideas for tooling will be incorporated during the project, for example vulnerability management and disclosure, large-scale malware storage or leak analysis and detection capabilities.
A special emphasis will be put on ensuring that the needs and requirements of newer CSIRTs will be addressed. The consortium is composed of four members of the CSIRTs Network, which have a proven track record of both building new tooling and maintaining software over the long-term, such as CERT.at, CERT.PL, CIRCL and CERT EE.
This 3 years grant receives a funding of 2 million EUR by the EU. It will be carried out in close collaboration with ENISA, the EU Agency for Cybersecurity is hosting the central node of the MeliCERTes facility. It builds on the outcomes of SMART 2015/1089 that developed the MeliCERTes core platform.
Cybersecurity in Europe’s industrial sectors and operators of essential services
Support to another important area comes from the CEF call ”Cybersecurity digital service infrastructure establishment of a core service platform cooperation mechanism for Information Sharing and Analysis Centres (ISACs) facilities manager” (SMART 2018/1022). The EU has procured 1.5 million EUR to a 3 years grant for supporting operators of essential services in Europe on Cybersecurity. More specifically, the action will assist in resourcing the establishment and further development of European level sectoral ISACs covering all the sectors and subsectors identified by the NIS Directive (Annex II), such as in the health, water, digital infrastructure and transport sectors.
In the selected grant Capgemini (coordinator) and Intrasoft work together in a consortium supported by the Spark Legal Network, the Netherlands Organisation for applied scientific research (TNO) and the German DFN-CERT Services. The action will include the development of a strategy for the creation of new ISACs in critical sectors, support their start-up phase by providing technical and legal support and facilitate the launch of ISACs on a European level - also building on existing ISACs. The consortium will involve and closely work together with stakeholders from all relevant sectors. Also in this activity, ENISA will be a key partner in establishing European level sectorial ISACs.