CERT-EU works very closely with the internal IT security teams of the EU institutions and liaises with the community of CERTs and IT security companies in the Member States and elsewhere, exchanging information on threats and how to handle them. It also cooperates closely with its counterpart at NATO and with the Hybrid Threats Cell at EEAS.

CERT-EU is a member of the CSIRT network of EU national and governmental Computer Security Incident Response Teams that has been established by the Network and Information Security Directive.

Background

In recent years, CERTs have been set up in both the public and private sectors as small teams of cyber-experts that can effectively and efficiently respond to information security incidents and cyber threats. They are a key component in the defence strategy against these threats by preventing, detecting and correcting vulnerabilities and compromises. They warn their clients about vulnerabilities or threats and recommend actions to mitigate the risks. They help to detect compromised systems and attacks and take appropriate steps to stop them and/or enable organisations to recover from them. They are highly interconnected with each other, creating a community of experts fighting for the common cause of cyber security.

CERT-EU's resources are provided by all EU institutions, bodies and agencies, including the European Commission, the Council, the European Parliament, the Committee of the Regions and Economic and Social Committee, and the European Network and Information Security Agency (ENISA). The team operates under the strategic oversight of an inter-institutional Steering Board.