The European project CERT-C3IS, began in June 2018 and ended in October 2020, was led by INCIBE. Its firm aim was to develop incident response and cyber-threat intelligence capabilities by their Security Incident Response Centre, INCIBE-CERT. These capabilities allow it to improve prevention, detection and response by fine-tuning early warning services and situational awareness of the threat environment and incident management.
Throughout the project, INCIBE has fully deployed the shared tools called MeliCERTes (a project led by ENISA) that make up the Pan-European Cybersecurity Digital Services Infrastructures (DSI) in the framework of the European Cybersecurity Strategy. Its main aim is to facilitate the cross-border cooperation of European CSIRTs based on circles of trust, facilitating the exchange of secure threat and incident intelligence information. Thanks to these tools, and as the project’s second aim, INCIBE-CERT currently has better operational capability to promote the exchange of information between its European counterparts in the CSIRTs-Network.
Finally, in order to verify proper deployment of these tools, an information- and knowledge-sharing simulation exercise has been successfully executed within the scope of the project with a counterpart CERT of the CSIRTs Network, along with the support of ENISA, for which the various tools that MeliCERTes makes available to European CSIRTs were used, thus confirming that INCIBE-CERT really is capable of effectively exchanging information.
In February, 2018, the proposed project “Strengthening the capabilities of CERTSI (today known as INCIBE-CERT) to improve cooperation and intelligence sharing in the European Union” was selected, alongside 10 others, to receive a grant of 1 million euros (project budget is 1.3 million euros). In June 2018, INCIBE began the project, which made it possible to achieve the proposed aim today.
The grant comes from the European Financing Programme Connecting Europe Facility (CEF), a key EU financing instrument for promoting growth, jobs and competitiveness through targeted infrastructure investment at European level.
The specific call in cybersecurity (belonging to the CEF-TELECOM-2017 work programme) to which the proposal has been submitted is 2017 CEF Telecom Call - Cyber Security (CEF-TC-2017-2), whose aim is to develop the capability of the national CERTs appointed by the Member States according to the Directive on security of networks and information systems (Directive (EU) 2016/1148) known as the ‘NIS Directive‘. As regards the CEF-TELECOM subprogramme, Spain has obtained more than 12 million euros, thanks to 32 projects financed in the 2014-2020 framework, scoring in first place among the participating countries (provisional results).