|Has a national or governmental CERT been established?||Yes||In the second half of 2009 the Federal Public Information and Communication Technology Service (Fedict) signed a contract with the National Research and Education Network Belnet that appointed Belnet to operate CERT.be the Belgian National CSIRT, funded by Fedict. Belnet was chosen since it already operated the Belnet CERT, thus having the advantage of possesing active knowledge of and experience in incident handling and CSIRT best practices. Morover the Belnet CERT team was already known to and acknowledged by the international CSIRT community as a accredited member of TF-CSIRT and FIRST. The initial Royal Decree of 11 May 2001 establishing the Federal Public Information and Communication Technology Service Fedict was changed by royal Decree on 9 May 2012, adding the following: “A new task is the management of the Computer Emergency Response Team (CERT) for detecting, observing and analysing online security problems and the continuous task of informing it’s users on those problems” (translated from Dutch). The CERT.be team is acredited by TF-CSIRT and has matured in it’s role as a national CSIRT. In 2011 CERT.be received 2609 incident reports, traeted 1494 incidents and ran 1161 investigations. In the same year CERT.be published 2058 advisories and 3 recommendations on the ‘Pro’ part of it’s website https://cert.be and published 16 advisories and 8 recommendations on the ‘Citzen’ part of the https://cert.be website. It also publishes a weelky newsletter. The mission statement of CERT.be is to help Belgian key resources, critical information providers and the Belgian public protect their IT-infrastructure by: · providing information on incidents, · helping them to handle incidents, · coordinating the response to major incidents, · helping them develop their own CSIRT activities, · sharing data and knowledge. In the course of 2012 the CERT.be team has been working on a marketing and communication strategy, leading to better exposure in general and specialized media (including national radio and television), enhancing it’s reach and has been actively participating in the DNSChanger malware group, leading to the creation of the dns-ok.be website. A well-planned media campaign resulted in more than 1,3 million unique visitors to the site and to a reduction of the number of infected machines in Belgium from 4000 to 1700. A brochure and flyer aimed towards professional IT users can be found on the CERT.be site: https://www.cert.be/pro/docs/new-flyer-and-service-brochure|
|Is the CERT fully operational?||Yes||CERT.be can be considered as being fully operational but it is still expanding it’s services and improving the existing ones. It is in the process of becoming a member of the EGC (European Governmental CSIRT’s) and is seeking how it can expand its ‘de-facto’ govcert role to an officially mandated one (also upon Fedict request). The above-mentioned evidence should also support this part.|
|Does the CERT participate in international CERT communities/initiatives?||Yes||The CERT.be team (that merged with Belnet CERT) is an active and accredited member of TF-CSIRT and FIRST. Members of the team are present at the meetings and contribute with talks and presentations. In 2011 the CERT.be team also hosted the first AbuseHelper workshop in Brussels. The aim was to bring together CSIRTs that are seeking to use automation to help them to treat the growing number of incidents and to encourage better sharing of knowledge and information on ongoing incidents. Since then other European CSIRTs have also organized similar workshops.|
External contributions are more than welcome. If you would like to share with us a country, regional or local-level initiative relevant for this DAE action, you can do it via the online form.