The Basque Cybersecurity Centre is now authorised by the Carnegie Mellon to use the CERT (Computer Emergency Response Team) registered trademark.
The CERT Coordination Center (CERT/CC) at Carnegie Mellon was set up in1988 in response to the appearance of "Morris", the first ever computer worm to infect 6,000 computers linked up to the Internet - some 10% of the total number at that time. The worm's creator, Robert Tappan Morris, was sentenced to three years in prison, 400 hours community service and a fine of $10,050. The incident called for international collaboration between different organisations, and flagged up the need for a coordinated action plan to tackle this type of threat, improve efficiency and avoid duplicating efforts.
In order to be eligible to use the CERT registered trademark, the businesses and organisations applying for it have to pass a strict validation process designed by the Universidad Carnegie Mellon. A full list is available here of organisations authorised to use the CERT trademark. In addition to the BCSC, there are other important Basque companies on the list, including ITS Security, S21Sec / Nextel, Entelgy, and the most recent arrival, P3rseus. All these companies are a clear example of the potential offered by the Basque cybersecurity ecosystem, as demonstrated at the recent RSA Conference in San Francisco.
CSIRT.es, FIRST, ENISA and the CERT mark
Last year the BCSC became part of CSIRT.es, a non-profit making initiative comprised of both public and private computer security emergency response teams working across the Spanish State, and including teams belonging to state law enforcement agencies, for example, the Ertzaintza.
Similarly, in October 2018, the work of the centre was recognised when it joined FIRST, the world's largest forum for Cybersecurity Incident Response Teams, which currently includes over 470 public and private organisations, from the military, education and government, located worldwide and sharing information on cyberthreats with the goal of greater protection for all.
As well as its success in the standardisation process for the CERT trademark, the Basque Cybersecurity Centre has recently been included on the ENISA (European Union Agency for Network and Information Security), CSIRT map. ENISA is a centre for specialised knowledge whose role is to help the EU and its member countries to be better prepared to prevent, detect and respond to cybersecurity incidents. There are currently a total of 387 CSIRTs on the map, distributed as follows:
Alongside the BCSC on the map are another 23 organisations based in the country and working to tackle the various cybersecurity threats.
Being a part of this kind of initiative has a two-fold advantage - to reinforce the protection offered by the Basque ecosystem, and to highlight everything happening in this sector in the Basque Country.