ENISA supports the prevention, detection and resolution of incidents through a network of Computer Security Incident Response Teams (CSIRTs), the EU CSIRTs Network.
Incident response
As defined by art. 7 of the ENISA mandate, the Cybersecurity Act, ENISA supports operational cooperation at Union level and pursuant of NIS2 empowers the cooperation of EU CSIRTs Network, CyCLONe and all actors involved in the EU to collaborate and respond to large scale incidents and crises. It does so by guiding and advising EU Member States on how to set up and operate a CSIRT or Security Operational Centre (SOC) as well as by increasing cross-border collaboration and enhance and improve incident response capabilities and readiness across the Union through EU CSIRTs Network.
In its networking role, ENISA is also fundamental for the cybersecurity platform MeliCERTes aimed at providing trust and tools among appointed teams in EU Member States in the EU CSIRTs Network or to provide guidance on topical issues such as supply chain attacks for the CSIRTs at large (over 600 at present).
- Effective and timely cybersecurity incident response is crucial to gaining and maintaining cybersecurity throughout Europe. ENISA is at the centre of efforts to actively support, educate and inform the European public and private sectors on the best practices undertaken by CSIRTs in order to mitigate large scale cyber-incidents.
- In addition to publishing guidance and recommendations, ENISA also boosts incident response capabilities and readiness across the Union through EU CSIRTs Network. ENISA provides the Secretariat, infrastructures and tools to enable effective cooperation to respond to large scale and cross-border cyber incidents, attacks and crisis.
- Through the core platform MeliCERTes, ENISA aims to support and build trust and cooperation to respond to the next cross-border cyber incident.