Table of Contents - X.1060 (03/2026) - Framework for the creation and operation of a cyber defence centre/cyber security centre

1	Scope
2	References
3	Definitions
	3.1	Terms defined elsewhere
	3.2	Terms defined in this Recommendation
4	Abbreviations and acronyms
5	Conventions
6	Structure of this Recommendation
7	Overview of a cyber defence centre/cyber security centre
8	Framework for the creation and operation of a CDC/CSC
9	Build process
	9.1	Overview
	9.2	CDC/CSC service recommendation level
	9.3	CDC/CSC service assignment
	9.4	CDC/CSC service assessment
10	Management process
11	Evaluation process
	11.1	Overview
	11.2	CDC/CSC service catalogue evaluation
	11.3	CDC/CSC service profile evaluation
	11.4	CDC/CSC service portfolio evaluation
12	CDC/CSC service categories and service list
Annex A – CDC/CSC service list with descriptions
	A.1	Category A: Strategic management of CDC/CSC
	A.2	Category B: Real-time analysis
	A.3	Category C: Deep analysis
	A.4	Category D: Incident response
	A.5	Category E: Checking and evaluating
	A.6	Category F: Collection, analysis and evaluation threat intelligence
	A.7	Category G: Development and maintenance of CDC/CSC platforms
	A.8	Category H: Support of internal fraud response
	A.9	Category I: Active relationship with external parties
Bibliography