Responding to Cyber Threats: Establishing an Effective Computer Incident Response Team


Session 301

09:00–10:45, Thursday, 15 June 2017 Room A, ITU Tower Thematic Workshop

1  Document 

Share on:  Facebook  Twitter  Twitter

Globally, societies have become increasingly digitized. It is therefore more and more important for states, international organizations, private companies and civil society to put the potential of cyber capabilities at the service of development, address the threats posed by malicious cyber activities and promote secure digital services and infrastructure.

A number of countries are in the process of developing strategies and taking actions to protect themselves. This includes the establishment of Computer Security Incident Response Teams, CSIRTs. CSIRTs are responsible to detect, review and respond to computer security incidents, depending on which constituency they serve. National CSIRTs for example, serve the entire nation. Unfortunately, many countries lack the required capacities to protect their societies and limit the effects of cyber-attacks and to develop well-functioning CSIRTs.  

The Global Forum on Cyber Expertise (GFCE) was launched at the Global Conference on Cyberspace (GCCS) in The Hague in 2015 as a global platform for primary stakeholders to exchange good practices and expertise on cyber capacity building. Under the GFCE, stakeholders join forces to mutually discuss the threats and opportunities provided by cyber space. With support from the GFCE Secretariat, GFCE members take part in various initiatives to build cyber capacity on specific issues. One of the concrete initiatives under the GFCE is the Cyber Security CSIRT Maturity Initiative. The objective of this endeavour is to provide a platform for GFCE members to help emerging and existing CSIRTS increase their maturity level, helping countries better respond to cyber threats and incidents.


The goal of this session is to understand the importance of a coordinated response to ICT security incidents and how this contributes to the broader development agenda. Furthermore the speakers will discuss which capacities are required to establish a well-functioning CSIRT.

The session invites representatives from various backgrounds with the objective of sharing national and regional good practices. The session will not only focus on deepening the understanding of the challenges posed, but also on identifying and elaborating a series of promising practices and policies drawn from a range of experiences, offering interested stakeholders concrete guidance. Good practices support the establishment of CSIRTs or the strengthening of existing ones.


En. Mohd Shamir Bin Hashim. Senior Vice President, International & Government Engagement Division, CyberSecurity Malaysia


·       Mr. David van Duren, Head of the Global Forum on Cyber Expertise Secretariat

·       Mr. Luc Dandurand, Head, ICT Applications and Cybersecurity Division, International Telecommunication Union

·       Prof. dr. Vilius Benetis, NRD CIRT / NRD CS

·       Mr. George Michaelides, Commissioner, Office of the Commissioner of Electronic Communications and Postal Regulation

Session's link to WSIS Action Lines

  • AL C5 logo C5. Building confidence and security in the use of ICTs

Session's link to Sustainable Development Process

  • Goal 9: Industry, innovation and infrastructure logo Goal 9: Build resilient infrastructure, promote sustainable industrialization and foster innovation


Link to this session