Each information system, as well as each state, is a potential victim of multiple changing threats.
To improve their level of preparedness and efficiency, all CSIRTs – of private, commercial, or governmental/national constituencies – exchange information and feedback between trustworthy partners.
These exchanges aim to ensure a good level of trust and cooperation, and to improve the global threat landscape knowledge. They also help CSIRTs face incidents that affect their constituents or customers.
In order to share our information and knowledge as soon as possible, CERT-FR takes part in several CSIRT cooperation networks.
National or governmental CSIRTs cooperation networks
- CERT-FR is the French representative in the EU CSIRTs Network, which gathers all CSIRT teams with national competencies in the European Union.
- CERT-FR also takes part in other specific cooperation groups, allowing some states to exchange information multi-laterally, like EGC (European Government CERTs Group) or IWWN (International Watch and Warning Network).
- In France, CERT-FR is a founding member of InterCERT France.
- Globally, CERT-FR is also a member of TF-CSIRT and FIRST, and regularly takes part in meetings of NatCSIRT or AfricaCERT.
Security and privacy of information exchanges
Information exchanges across these cooperation networks must respect strict privacy and security rules.
Members are for example required to use TLP (Traffic Light Protocol), allowing to explicit with whom information within a document can be shared, and to use secure exchange platforms and/or encryption and authentication methods like PGP as soon as sensitive information are exchanged.
Furthermore, all information exchanges are done on a voluntary basis, and within strict respect of incidents being taken care of, as well as legal investigation when law enforcement is involved.