CSIRT Maturity Framework
This section gives recommendations for CSIRTs on how to improve, mature and be better prepared to protect their constituencies.
Maturity evaluation consists of two main assets:
- ENISA CSIRT maturity framework – The maturity framework is based on Security Incident management Maturity Model (SIM3) which is a community driven effort to measure maturity of CSIRT. ENISA CSIRT maturity framework is taking into account requirements of relevant EU policies (e.g. NISD). The framework consists of three tier approach of CSIRT capabilities across Organizational, Human, Tools and Processes parameters. All parameters are evaluated in order to determine level of maturity (Basic, Intermediate or Advanced).
- ENISA maturity framework for CSIRTs - The ENISA CSIRT Maturity framework consists of two main parts:
Access the ENISA CSIRT maturity self-assessment tool |
|---|
It is suggested that the reader gets familiar with the baseline capabilities for CSIRTs documentation and maturity evaluation studies at first before advancing to the assessment itself.
- CSIRT Capabilities. How to assess maturity? Guidelines for national and governmental CSIRTs – study on maturity assessment within Trusted Introducer certification Scheme with practical examples from CERT.LV - the Information Technology Security Incident Response Institution of the Republic of Latvia.
- ENISA CSIRT maturity assessment model – description of three-tier maturity assessment model.
- ENISA maturity evaluation methodology for CSIRTs – study on methodology of maturity assessment.
-
Best Practices for Cyber Crisis ManagementThis study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale...
-
ENISA CSIRT Maturity Framework - Updated and improvedThis document presents the updated and improved version of ENISA’s Computer Security Incident Response Teams (CSIRT) Maturity Framework that is...