Emergency Response Team – EU

The Computer Emergency Response Team – EU (CERT-EU) is an inter-institutional Task Force.

CERT-EU is the computer emergency response team for the EU institutions, bodies and agencies. It reinforces the institutions’ capacity to respond to cyber-attacks against their IT infrastructures, improve their cyber-security and enhance their ability to deal with cyber-threats.

It is functionally attached to DG DIGIT and reports to an inter-institutional Steering Board chaired by the General Secretariat of the Council.

CERT-EU works closely with the various existing IT security functions in the Commission (as well as in the other institutions), including the IT security teams in DIGIT. Here one finds the CSIRC (Computer Security Incident Response Capability), which manages Commission-wide cyber security attacks, handling them as rapidly as possible to mitigate their impact; the SOC (Security Operation Centre), which provides Commission-wide monitoring of the corporate IT infrastructure to proactively detect (and block) cyber security attacks and misuse, as well as vulnerability assessment of IT systems; and the NOC (Network Operation Centre), which oversees provision of the SNET network service. CERT-EU also works with the Security Directorate (HR/DS), where one finds the CART (Cyber Attack Response Team), the main purpose of which is to provide a specific, targeted response to a specific, targeted attack (malware, antivirus, hacking, incidents, spam, phishing, etc.). I should not forget to mention the LISOs, the Local Informatics Security Officers, who are in charge of ensuring the security of information systems at a local level (every DG is required to have one). LISOs are there to provide practical advice on online security measures at local level. They meet regularly in the LISO network, run by DG HR/DS.

The CISO (Chief Information Security Officer), a post created in 2014 in DIGIT, has the role of coordinating our efforts to manage IT security: in a way, to sit at the centre of the triangle between CSIRC/SOC, CART and CERT-EU and help pull things together. To prepare the ground for, the Cyber Risk Management Group brings these different players together.

Another actor involved is ENISA.

History
CERT-EU was created by a Commission decision in September 2012. The decision aims to reinforce the capacity of EU institutions, bodies and agencies to respond to cyber-attacks against their respective infrastructures and to enhance their ability to deal with cyber-threats.

It was launched in June 2011 as a “pre-configuration team”, on the initiative of Vice-Presidents Kroes and Sefcovic. DG Connect contributes to the staffing of the Task Force through the "mise à disposition" of some staff members, as in the CERT-EU team to date.

The proposal flows from the 2010 Digital Agenda for Europe, in which the Commission undertook to establish a CERT for the EU institutions as part of the EU’s commitment to a reinforced and high-level EU Networking and Information Security Policy. After a successful pilot phase, CERT-EU became a Task Force in September 2012, and it currently comprises around 16 staff from across the Institutions.