How to set up CSIRT and SOC

Back to all publications

Download

Publication date:December 10, 2020

This publication provides results-driven guidance for those who are interested in establishing a computer security incident response team (CSIRT) or security operations centre (SOC), and guidance on possible improvements for different types of CSIRTs and SOCs that exist currently. The reader will receive practical guidance on what to focus on during the individual phases of establishment and improvement.

Search related content with: CSIRTs

Publication details

Related content

Best_Practices_for_Cyber_Crisis_Management.png

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves.

Cybersecurity Support Action

The ENISA Cybersecurity Support Action provides ex-post and ex-ante services and assistance to Member States' NIS2 Directive entities.

Sustained Activity by Threat Actors- Joint Publication

ENISA, the EU Agency for Cybersecurity, and CERT-EU, the Computer Emergency Response Team of all the EU institutions, bodies and agencies (EUIBAs), have issued a joint publication to alert on sustained activity by particular threat actors.

2021 Report on CSIRT-Law Enforcement Cooperation

The purpose of this report is to further explore and support the cooperation between computer security incident response teams (CSIRTs), in particular national and governmental CSIRTs, and Law enforcement agencies (LEAs) and their interactions with the Ju

BROWSE ALL PUBLICATIONS

16th EU-CyCLONe Officers meeting

2024 Sep 24

24th CSIRTs Network Meeting

2024 Sep 23

15th EU-CyCLONe Officers meeting

2024 May 22

23rd CSIRTs Network Meeting

2024 May 22

BROWSE ALL EVENTS

BlueOLEx 2024 exercise: EU-CyCLONe test its cyber crisis response preparedness

Press Release

In light of the NIS2 era, this year’s edition of the BlueOlex built upon the scenario of Cyber Europe 2024 and tested the executive layer of cooperation in the EU ecosystem.

Cyber Europe tests the EU Cyber Preparedness in the Energy Sector

Press Release

The 7th edition of Cyber Europe, one of the largest cybersecurity exercises in Europe, organised by the European Union Agency for Cybersecurity (ENISA) challenged the resilience of the EU energy sector.

Geopolitics Accelerates Need For Stronger Cyber Crisis Management

Press Release

ENISA publishes a study on ‘Best Practices for Cyber Crisis Management’ that assists in preparation for crisis management. The study was conducted for the EU Cyber Crisis Liaison Organisation Network (CyCLONe) and is now available publicly.

CSIRT - Law Enforcement Cooperation Workshop - 10 Years of Joint Efforts against Cybercrime

News Item

The European Union Agency for Cybersecurity, (ENISA) and Europol’s European Cybercrime Centre (EC3) organised the 10th Annual Workshop for CSIRTs and law enforcement.

BROWSE ALL NEWS

CSIRT Maturity - Self-assessment Tool

This tool helps CSIRTs to self-assess their team’s maturity in terms of 44 parameters of the SIM3 model. SIM3 is also at the base of TI certification scheme under the TF-CSIRT and considered by FIRST for membership process. For several parameters…

CSIRTs by Country - Interactive Map

The European CSIRT Inventory gives an overview of the actual situation concerning CSIRT teams in Europe. It provides a list of publicly listed incident response teams that can be visualised by the interactive mapping tool. This tool allows the…

BROWSE ALL TOOLS