CERT-C3IS

 

Logo CERT-C3IS

 

Financing, work program and call

Project CERT-C3IS “Strengthening Spanish INCIBE-CERT Capacities for Enhancing Cooperation and Intelligence Sharing in EU” is co-financiaced by the European Union (EU) in the framework of CEF-Telecom Programme, Work Program 2017, Cyber Security (CEF-TEC-2017-3) call.

Duration

The estimated timeframe of the project is from June 2018 to October 2020.

Justification

The specific objective is to support the generic services provided by CERT/ CSIRT in all Members States, based on its interoperability with cooperation mechanisms in the Core Service Platform (CSP) established through MeliCERTes project, including one or both objectives:

  • Activities for increasing the preparedness of CERTs/CSIRTs (e.g. development or acquisition of better tools for analysis, identification, and detection of threats, awareness campaigns ancillary to capabilities development, maturity assessment and development encompassing governance and legal compliance, services to local agents) 
  • Establishment of access points from CERTs/CSIRTs to the Core Service Platform -cooperation mechanisms (e.g. secure devices and software, interfaces, gateways, translation of local tools into common formats).

Benefits

The main benefits of this call are:

  • Building up of national capacity in accordance with Article 9 of Directive 2016/1148 (NIS Directive) and the facilitation of swift and effective operational cooperation via the network of European CSIRTs (CSIRT-Network) in accordance with Article 12 of NIS Directive.
  • Fostering of capacity building in cyber security at the Member State level, creating increased awareness about their needs and requirements on the technical and organizational levels.
  • Connection of national and/or governmental CERTs/CSIRTs capabilities to the cooperation mechanisms that will allow Member States to have an early response or, at least, mitigate cyber security incidents that may affect their networks and information systems.
  • Opening of new avenues for cross-European and multidisciplinary methodological and experimental cooperation that include European-wide views, perceptions and behaviours leading to higher preparedness and better cyber security resilience.
  • Contribution to the sustainability of the Digital Single Market in terms of reliability and trustworthiness of its networks and services.

Aims

The main objectives of the project are:

  • Alignment and synergies with strategies, polices and activities at European and National level, such as the NIS Directive, the General Data Protection Regulation (GDPR) in EU, or national and European cybersecurity strategies.
  • Strengthen the capabilities of INCIBE-CERT improving the service provided at national level to Spanish companies, citizens and critical infrastructure operators.
  • Installation and deployment common mechanisms to connect with the main services Platform (MeliCERTes) enabling effective operational cooperation between CSIRTs.
  • Enhance the exchange of cybersecurity information with the CSIRT-Network using common mechanisms, for example in the notification and resolution of cross-border security incidents, or the improvement of cyber intelligence capabilities including European information sources.

Beneficiaries

The main target group and beneficiaries of this project are:

  • The target audiences to which INCIBE-CERT provides services formed by citizens and entities of private law, academic network and critical operators of the private sector in Spain.
  • The European community of CSIRTS known as CSIRT-Network.

Results

Since the beginning of the project, INCIBE has strengthened the INCIBE-CERT services related to preventionmitigation and incident response. These services complement their capabilities, including reverse engineering techniques, evidence generation and gathering, and management of cyber security threat countermeasures. Furthermore, the intelligence services’ capabilities have been improved, Big Data technology-based services and assessing threats from various public and private sources have been strengthened. These services generate value-added information to develop cybersecurity conclusions and trends. Knowledge that leads to improved early alert, proactive detection and incident reporting services.

Consortium

The CERT-C3IS Project has a consortium based in only one organisation:

Instituto Nacional de Ciberseguridad (INCIBE)

INCIBE

INCIBE coordinates the execution of all planned activities, including the development of capacities, installation of tools, exchange of information, as well as the dialogue with the Commission and dissemination of the project activities and results.

Cofinanciado por el Mecanismo Conectar Europa de la Unión Europea