CSIRT-IE
CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland. The team has a strictly defined constituency consisting mainly of Government bodies and Critical National Infrastructure providers.
CSIRT-IE provides incident response services to Government bodies and Critical National Infrastructure providers across Ireland. CSIRT-IE also acts as a national point of contact for international partners who wish to inform Irish-based entities of cybersecurity matters which may affect them. As of 2017 CSIRT-IE has been accredited by TF-CSIRT's Trusted Introducer service. This service forms the trusted backbone of infrastructure services and acts as clearinghouse for all security and incident response teams. For further details on CSIRT-IE's TI listing please see the following link.
Mission Statement
CSIRT-IE’s mission is to support Government departments and core agencies in responding to cyber security incidents. This includes in particular malicious cyber-attacks that could hamper the integrity of Government information system assets and/or harm the interests of the Irish State. CSIRT-IE also acts as a national point of contact for cyber-attacks involving entities within Ireland. The scope of CSIRT-IE’s activities covers prevention, detection, response and mitigation services to Government departments and core state agencies.
Computer Security Incident Response Team
CSIRT-IE's responsibilities include:
- Monitoring incidents at a national level;
- Providing early warning, alerts, announcements and dissemination of information to relevant stakeholders about risks and incidents;
- Responding to incidents;
- Providing dynamic risk and incident analysis and situational awareness;
- Participating in the CSIRTs network.
CSIRT-IE RFC2350
Publishing an RFC 2350 is a mandatory requirement for all accredited CSIRTs. It provides basic information about a CSIRT including contact details and its roles and responsibilities. Please click on this link to view CSIRT-IE's RFC2350.
Services
Incident Response
The NCSC provides assistance to constituents in responding to the technical and organisational aspects of cyber security incidents. Advisories on risks, threats and vulnerabilities are provided to constituents on a need-to-know basis. They can include recommendations and mitigating measures. Alerts are provided to specified constituents in response to specific information security intelligence.
Additional Services
In addition to incident response services, NCSC provides a range of proactive services to its constituency:
- Anti-phishing notification & removal of malicious websites;
- Compromised (infected) systems detection;
- Stolen credentials notification;
- Notification of malware targeting the constituency;
- General security announcements (non-public);
- Development of security tools;
- Malware analysis;
- Vulnerability notification.
![[TI: logo for TI accredited teams]](https://www.trusted-introducer.org/logos/TI-Accredited_120x120.jpg)
![[FIRST: logo for FIRST accredited teams]](../img/first-org.png)