Evolution of National and Corporate CERTs - Trust, the Key Factor

Abstract

This paper discusses the evolution of Computer Emergency Response Teams (CERTs) due to trends in technology and society. It shows how these trends affect the selection of services a CERT can provide to its constituency, and the effects on its resources. The argument is that CERTs need to focus more and more on the specific services they can provide. The selection of these services must be driven by the objectives of their parent organization, the constituency they serve, and the urgency by which services must be provided. The paper further asserts that cyber security organizations (highly) specialized in a limited number of tasks should collaborate with others in order to effectively handle incidents. Trust among participants represents the basis for any successful collaboration. Trust, however, only exists between people. Thus, several other elements need to be in place in order to extend individual trust to organizations.