ENISA Projects

In the last 10 years ComCERT has implemented and executed a number of projects for the European cybersecurity Agency (ENISA), co-creating standards of operation for cybersecurity teams. Although most of these projects have been carried out in international consortia, ComCERT experts usually play the role of project leaders or project managers. These projects include:

  1. (2021) ENISA D-OCU-21-T22: „ENISA CSIRT maturity methodology improvements” – creation of a comprehensive document presenting a state-of-the-art approach to the methodology for analysing the maturity level of CSIRT teams.
  2. (2018) ENISA D-COD-18-T15: „Update of CSIRT training material” creation of an approximately 300-page manual on Network Forensics and the best practices on exercises for CSIRTs on the topic.
  3. (2018) ENISA D-COD-17-T32: „Maturity Reference for CSIRTs” – creation a manual of recommended documentation for all SIM3 model parameters for CSIRT teams starting certification as part of the Trusted Introducer initiative
  4. 4-year framework contract with ENISA (ENISA F-COD-13-T22) “Supporting the CERT community” in 2014-2017″.
  5. (2017) ENISA S-COD-17-T06: „Stock taking of information security training needs in critical sectors” – mapping of available training and training needs broken down into critical infrastructure topics and sectors
  6. (2016) ENISA S-COD-16-T06: „LOT 2 – Update of existing training material” – modernisation and updating of the oldest exercises and adapting them to the modern conditions of CERTs
  7. (2016) ENISA S-COD-16-T06: “LOT 3 – New set of training material” – exercises on managing the full lifecycle of an IT security incident
  8. (2015) ENISA D-COD-15-T04: “New Set of CERT Training Material” – a new set of exercises for CERTs to develop competencies in dynamic and static analysis of malware samples
  9. (2015) ENISA D-COD-15-T05: “Maintenance of CERT training repository” – creation of a collection of educational materials for CERTs on incident management for mobile services
  10. (2014) ENISA D-COD-14-T05: “New set of CERT training material” – a new set of training materials for CERTs on handling, storing, and analysing malware
  11. (2014) ENISA D-COD-14-T07 “Good practice guide on training methodologies” – The Best Practice Guide for trainers providing training to CERTs
  12. (2013) ENISA P/17/12/TCD: “Application of good practice for CERTs – Service aspects” LOT 3: “ENISA CERT exercise material extended with cybercrime scenarios” – extension of previously developed training material to include cybercrime handling methodologies
  13. (2013) ENISA P/17/12/TCD: “Application of good practice for CERTs – Service aspects” LOT 2: “Good Practice guide on Alerts, Warnings and Announcements” – the Best Practice Guide on communication between CERTs (including other stakeholders and actors in their constituency): alerts, warnings, and announcements
  14. (2012) ENISA P/26/11/TCD: “Supporting and enhancing CERTs operational capabilities” LOT 2: „Further development of capabilities to provide training and exercises for CERTs” – new training material for CERTs
  15. (2010) ENISA: “Good Practice Guide for Incident Management” – new training material for CERTs