Expertbrief CERT in the Organisation

Door Ron Tolido e.a. 18 dec 2005

This Expert Letter deals with the increasingly important phenomenon of in-house Computer Emergency Response Teams (CERTs). The number of internal CERTs in larger, commercial organisations has increased rapidly in the past few years. This is mainly in response to the painful security incidents that have taken place during the past few years on Internet and which have been observed in the minutest detail by millions. Issues concerning necessary competencies, procedures to be followed, the availability and the tools to be used affix themselves to CERT within an organisation. But the greatest challenge appears to lie in the relationship with the existing IT organisation, both in terms of division of tasks and responsibilities and mandate. The ultimate question to be answered is that of the life cycle: will CERTs always be needed or will they eventually be absorbed by the existing IT organisation. In other words: will CERT ultimately make itself redundant?