CERTS PR Working Group
The CERTs’ PR Working Group aims to enable and promote cooperation between PR, marketing specialists and communicators within the TF-CSIRT community: to initiate and develop collaboration, and to share experience, know-how, best practice and information on reports, questionnaires, marketing tools, methods, upcoming events and anything that might be helpful to other colleagues.
The scope of the working group encompasses all activities related to promotion of the industry, raising awareness and increasing understanding of cybersecurity. Participants are welcome to share experience, ideas and best practices on challenges faced when carrying out PR activities, including:
- Awareness raising and marketing campaigns
- Education and outreach (both to the general public and public bodies)
- Research and statistics / data analysis
- Events
- Best practices and lessons learned / “tips and tricks”
- Analysis of communications/marketing tools (including social media), trends and strategies within the organisation and outside
- Financial aspects (How much does it cost? How can we achieve the maximum with fewer resources?)
- Crisis communication
The working group is relatively new and is still working on a more detailed plan and framework for cooperation. So far it has:
- Created an e-mail list pr.partners@cert.lv to share anything important
- Decided to have one face-to-face meeting per year during one of the TF-CSIRT Meetings
- Decided to organise online meetings – if there is anything anyone would like to share
If you are a practitioner yourself, or know PR, marketing and communication specialists from other cybersecurity entities who might be interested, you are welcome to join and encouraged to spread the word about the group.
Interested?
If you would like to participate in the group, please send an email to:
pr@cert.lv
CTI Working Group
Cyber Threat Intelligence comprises the systematic collection, analysis and dissemination of information pertaining to an organisation’s operation in cyberspace and, to an extent, physical space. It is designed to inform all levels of decision makers.
Any analysis is designed to help keep situational awareness about current and arising threats.
At the 68th TF-CSIRT Meeting (31 Jan-2 Feb 2023, Bilbao) a TF-CSIRT CTI-focussed working group was proposed and approved. A few weeks later the group was formally established with the following goals:
Goals
- Identify an optimal technical solution for exchange of CTI within the TF-CSIRT Community.
- Develop processes and policies/guidelines governing the exchange of CTI within the TF-CSIRT Community.
- Participate in complementary efforts by other groups/forums (as applicable).
With the objectives to:
- Develop a framework(s) for an improved TF-CSIRT Community approach to CTI
- Increase information exchange between member teams of the TF-CSIRT Community and CSIRTs globally
Activities
The working group has convened several face-to-face meetings at TF-CSIRT Meetings as well as virtually in-between.
The initial meetings revealed that we first needed a clearer understanding of the status of TF-CSIRT members’ journeys with CTI – how mature are we as a community, what CTI is currently created and shareable, who has experiences to share, etc.
In order to provide preliminary indicators of the above, a survey was sent out to all accredited teams in September 2023. 63 teams responded, providing a good base for the working group to start from.
Other discussions include tools and channels for information sharing, preliminary designs of architectures we could use, information sharing agreements considering the sensitivity of CTI, legal considerations, etc.
Interested?
If you would like to participate in the group, please send an email to:
ocf-secretariat@opencsirt.org
Other queries can be addressed to Roderick Mooi from GÉANT CERT (contact details available via TI Directory).
Past Working Groups
Reference Security Incident Taxonomy Working Group
Following a discussion amongst the CSIRT community during the 51st TF-CSIRT meeting (15 May 2017 in The Hague, Netherlands), it was concluded that there is an urgent need for a taxonomy list and name that serves as a fixed reference for everyone. This is why ENISA and TF-CSIRT created the Reference Security Incident Taxonomy Working Group. The aim of this working group was to enable the CSIRT community in reaching a consensus on a reference taxonomy.
For more information, visit the GitHub repository.
Vulnerability and Exploit Description and Exchange Format Working Group
Cybersecurity challenges and incidents occur across administrative domains, often spanning different organizations and national borders. Therefore, the free exchange of incident and vulnerability information and statistics among involved parties and the responsible cybersecurity entities is crucial for both reactive analysis of current intruder activity and proactive identification of trends that can lead to incident prevention.
The purpose of the working group was, together with the Incident Handling (INCH) working group of the IETF, to define a data format for exchanging vulnerability and security incident information used by cybersecurity entities.
TF-CSIRT Futures Working Group
In July 2018, GÉANT and the TF-CSIRT Steering Committee agreed that the time was now right for TF-CSIRT to move to a different legal home.
The aim of the working group was to discuss the potential options for a future legal home for TF-CSIRT and to make recommendations to the TF-CSIRT Steering Committee as to what options should be explored further and what questions should be answered for the community.
IRT Object Working Group
Recognising that finding CSIRT information based on IP addresses was very hard, the working group set the goal of implementing an incident response team (IRT) object in the RIPE NCC database, together with RIPE NCC, and of designing the processes by which Trusted Introducer handles that entry.
In 2002 this data and these processes were established.
Request Tracker for Incident Response Working Group
Lacking a ticketing system that fits the needs of CSIRTs, the working group designed a solution specifically for incident response teams, called Request Tracker for Incident Response (RTIR), based on the open source tool Request Tracker from Best Practical.
Many teams still rely on the tool.