Step 1: Select a stakeholder group | Step 2: Select a topic of your interest | Step 3: Select a practice to find out more about it
CERT

CERT

Policy and strategy
Incident management and infrastructure protection
  • Practice: Establish a clearinghouse for gathering systemic risk conditions data in global networks

    We assess our personal health based on the trusted data we receive from doctors. Cybersecurity is like public health: if CERTs and operators have trusted data ‒ regularly updated ‒ about weaknesses in our networks, this helps them mitigate vulnerabilities, preserve cyber-health, and prevent incidents.

    Read the details here
  • Practice: Produce and present trusted metrics about systemic risk conditions

    All those figures on a medical test report do not mean much to us ‒ we need a doctor to analyse various data, contextualise it for our body and lifestyle, and present us with the findings in a comprehensive way. The same goes for network health ‒ trusted data needs to be turned into vetted and well-presented metrics, to increase awareness and incentivise action by responsible companies, organisations, and institutions.

    Read the details here
  • Practice: Assist with cyber-risk mitigation and keep score of successes

    Weight loss does not happen by learning theory, but by practical exercises -‒ and certainly by keeping records of successful steps. Similarly, network operators need help with monitoring the systemic risks, providing training materials and practical experience for mitigation, but also keeping track of successful actions.

    Read the details here
Cybercrime
Culture and skills
  • Practice: Produce and present trusted metrics about systemic risk conditions

    All those figures on a medical test report do not mean much to us ‒ we need a doctor to analyse various data, contextualise it for our body and lifestyle, and present us with the findings in a comprehensive way. The same goes for network health ‒ trusted data needs to be turned into vetted and well-presented metrics, to increase awareness and incentivise action by responsible companies, organisations, and institutions.

  • Practice: Assist with cyber-risk mitigation and keep score of successes

    Weight loss does not happen by learning theory, but by practical exercises -‒ and certainly by keeping records of successful steps. Similarly, network operators need help with monitoring the systemic risks, providing training materials and practical experience for mitigation, but also keeping track of successful actions.

    Read the details here
Standards
  • Practice: Establish a national multistakeholder platform to promote standards

    ‘Better safe than sorry.’ Prevention means increasing the security of the system, including through implementing the latest standards. How can we make sure the right players are gathered to discuss the right things and support the community in the right way? A multistakeholder networking platform serves as a vehicle for initiating and coordinating efforts among partners, promoting and giving exposure to activities, and serving as a contact point for various players.

    Read the details here
Cooperation and community building
  • Practice: Establish a national multistakeholder platform to promote standards

    ‘Better safe than sorry.’ Prevention means increasing the security of the system, including through implementing the latest standards. How can we make sure the right players are gathered to discuss the right things and support the community in the right way? A multistakeholder networking platform serves as a vehicle for initiating and coordinating efforts among partners, promoting and giving exposure to activities, and serving as a contact point for various players.

    Read the details here
  • Practice: Establish a clearinghouse for gathering systemic risk conditions data in global networks

    We assess our personal health based on the trusted data we receive from doctors. Cybersecurity is like public health: if CERTs and operators have trusted data ‒ regularly updated ‒ about weaknesses in our networks, this helps them mitigate vulnerabilities, preserve cyber-health, and prevent incidents.

    Read the details here
  • Practice: Produce and present trusted metrics about systemic risk conditions

    All those figures on a medical test report do not mean much to us ‒ we need a doctor to analyse various data, contextualise it for our body and lifestyle, and present us with the findings in a comprehensive way. The same goes for network health ‒ trusted data needs to be turned into vetted and well-presented metrics, to increase awareness and incentivise action by responsible companies, organisations, and institutions.

    Read the details here
  • Practice: Assist with cyber-risk mitigation and keep score of successes

    Weight loss does not happen by learning theory, but by practical exercises -‒ and certainly by keeping records of successful steps. Similarly, network operators need help with monitoring the systemic risks, providing training materials and practical experience for mitigation, but also keeping track of successful actions.

    Read the details here
Research and development
  • Practice: Establish a clearinghouse for gathering systemic risk conditions data in global networks

    We assess our personal health based on the trusted data we receive from doctors. Cybersecurity is like public health: if CERTs and operators have trusted data ‒ regularly updated ‒ about weaknesses in our networks, this helps them mitigate vulnerabilities, preserve cyber-health, and prevent incidents.

    Read the details here
  • Practice: Produce and present trusted metrics about systemic risk conditions

    All those figures on a medical test report do not mean much to us ‒ we need a doctor to analyse various data, contextualise it for our body and lifestyle, and present us with the findings in a comprehensive way. The same goes for network health ‒ trusted data needs to be turned into vetted and well-presented metrics, to increase awareness and incentivise action by responsible companies, organisations, and institutions.

    Read the details here