August 12, 2008
The International Telecommunications Union Development (ITU-D) program recently conducted a series of meetings on cybersecurity and the economics of computer malware in Brisbane, Australia. The meetings represent the latest event of the ongoing "Doha Agenda" and Question 22/1 "Best Practices for National Cybersecurity" initiative that was launched at the 2006 World Telecommunications Development Conference (WTDC), which ictQATAR hosted in Doha. The work received further local support when ictQATAR and Q-CERT hosted the MENA-regional technical meetings on Question 22/1 in February 2008.
The ITU invited Q-CERT to give presentations in two key subject areas: national cybersecurity strategy, and the Qatari national program for incident management. During the conference, the Australian government announced the formation of the Pacific Islands regional CSIRT program to improve information security and to address the unique challenges of the widely distributed Pacific island nations. Q-CERT was asked to share its experience building cooperation among other national information security teams in the GCC region, based on the role that Q-CERT has played in the development of GCC-CERT over the past two years.
The ITU-D has described Q-CERT as an exemplar model of a national computer security incident response team (CSIRT) for its mandate, scope-of-service, and program initiatives such as the national Cyber Security Network, the National Information Assurance Framework, and its program in cyber forensics.
There are about forty authorized national CSIRTs around the world, and as more countries form similar organizations, they are interested in the experience of emerging organizations such as ictQATAR and Q-CERT. Q-CERT's program was designed on the collective "best-practice" advice of the CERT® Program at Carnegie Mellon University's Software Engineering Institute, and it is aligned with the latest initiatives of leading international information security organizations such as the Forum of Incident Response Teams (FIRST). Because Q-CERT was able to use the collected knowledge and advice of the best programs, it is now sharing its experiences about starting and operating a national team.