Krzysztof Socha
Head of Sector – FORCE (Forensic Operations and Response to Cyber Events) at CERT-EU
CERT-EU
We were born in 2011. While we are administratively hosted within the Directorate-General for Digital Services of the European Commission, our nature is that of an inter-institutional provider, governed by a Steering Board that is currently chaired by the European Parliament, and serving all the EU institutions, bodies and agencies (a.k.a. the EUIBAs, our constituents), located in the continent and beyond.
As one of the most mature cyberdefence entities in Europe and a central cybersecurity cog of the EU, we take pride in contributing to the security of the ICT infrastructure of our 80+ constituents by helping them prevent, detect, mitigate and respond to cyberattacks, and by acting as the cybersecurity information exchange and incident response coordination hub for all of them.
Our staff of more than 40 passionate, dedicated cybersecurity experts, working in a very congenial work environment, offer a wide range of services to our constituents spanning prevention, detection, response and cyber threat intelligence. For example, we coordinate response to cybersecurity incidents and ensure that information is efficiently exchanged with our constituents. We monitor and hunt for threats, perform technical assessments, Red Team and phishing exercises. We also organise cyber awareness sessions for our constituents and give them guidance as well as contribute to and participate in cyber exercises such Cyber Europe and Locked Shields.
Thanks to our highly mature cyber threat intelligence capability, we keep tabs on the threat landscape to better defend our constituents and regularly exchange information with peers and partners around the world to create as comprehensive a situational awareness as possible.
We are a member of the CSIRTs Network (CNW), the European Government CSIRTs Group (EGC), FIRST, Trusted Introducer, and other fora. We have a structured cooperation with ENISA, the EU Agency for Cybersecurity, with whom we work closely. And in 2016, we signed a technical agreement with the NATO Computer Incident Response Capability (NCIRC) to exchange cybersecurity information.
Our legal basis can be found in the Interinstitutional Agreement C 12/1, published in the Official Journal of the EU as Interinstitutional Arrangement 2018/C 12/01. Feel free to also get a look at our RFC2350.