This activity will provide cybersecurity trainings for managers and IT staff (network and system administrators) from public institutions in Romania, aiming to raise their awareness and cybersecurity knowledge. The activity will contribute to the strengthening of the cybersecurity level of public institutions in Romania. A training room will be set and equipped with 20 mobile workstations (laptops) capable of running virtual machines and having installed a series of software tools/products needed for training sessions. A number of 20 people can be trained simultaneously, each of them having their own training toolkit (laptop and specialized software). CERT-RO will develop it’s own training curricula and materials for the training sessions dedicated to managers and IT staff from public institutions.
The Digital Forensics and Malware Analysis Laboratory
This activity aims at increasing CERT-RO’s technical capabilities and personnel expertise in the fields of digital forensics and malware analysis. To this end, a dedicated laboratory equipped with specialized toolkits and a sandbox platform for automation of malware analysis tasks will be set up. Moreover, CERT-RO personnel that will be responsible for Digital Forensics and malware analysis activities will be trained to acquire more specific expertise in these areas, especially in using that type of technology that will equip the laboratory.
National Call Center for Cyber Security(NC3)
This activity will enhance CERT-RO’s communication infrastructure by adding a call centre component (i.e. the National Cyber Call Centre – NC3) which will be used for processing cybersecurity notifications made by phone call.
The NC3 will ensure a 24/7 availability. The call centre will be available to all citizens, public and private organizations in Romania to report cyber security incidents. The service will be provided free of charges for the users (call charges may be applied by telephone operators).
By establishing the NC3, CERT-RO will meet the requirements imposed to national CSIRTs by the N1S Directive, namely: set-up of several means for being contacted and for contacting others (individuals, private and public institutions in the CERT-RO constituency and other entities that CERT-RO cooperates with, including authorities) at all times; high level of availability of communications services, adequately staffed to ensure availability at all times; monitoring incidents at a national level. In order to operate the call centre, staff with a medium IT and information security background and expertise will be recruited and trained.
The NC3 staff will consist of operators hired to this purpose that will work in shifts in order to assure 24/7 availability of the service.
NC3 is operational and available at: 031/62 02 180
The National Cybersecurity Services Platform (NCSP)
This activity aims at building a technical platform, consisting of hardware and software, which will increase CERT-RO’s technical capabilities related to cybersecurity incident management and information sharing,
The platform will be interoperable with the EU cooperation mechanisms and the cybersecurity core service platform established through the Connecting Europe Facility (CEF) Telecom Work Programme 2015 (C{2015) 7381).
The platform will be used to collect, process, disseminate and share data related to cybersecurity incidents, vulnerabilities, threats, events and artefacts, including incident notifications received by CERT-RO. This will enhance CERT-RO’s capabilities for cooperation and information sharing, both at the national level and at the EU level.
In addition to the interfaces and gateways to the cybersecurity core service platform, the technical platform will provide services (information sharing, incident response and coordination, secure communications, data APIs) for different national organizations: digital service providers and operators of essential services (as defined by the NIS Directive), Internet Service Providers, law enforcement authorities, national cybersecurity authorities and other organizations within CERT-RO constituency. In order to assure an efficient sharing and dissemination of the information at the national level, different interfaces (Application Programme Interfaces – APIs) and interconnection software modules will be developed.
Software development and training courses
Name: Software development and training courses
Procedure: Open procedure
Contract type: Services
Status: In progress
Contract Notice 184795/22.05.2018 – to download click here
CERT-RO lansează proiectul “Enhanced National Cyber Security Services and Capabilities for Interoperability – eCSI”
În cursul zilei de astăzi, 14 februarie 2018, începând cu ora 10.00, la Impact Hub, București, are loc evenimentul intitulat “The eCSI Project: Roadmap to Enhanced Cooperation in Cyber Security”. Evenimentul marchează lansarea proiectului “Enhanced National Cyber Security Services and Capabilities for Interoperability – eCSI”, implementat de CERT-RO. În deschidere au luat cuvântul doamna Secretar de Stat în Ministerul Comunicațiilor și Societății Informaționale Manuela Catrina și Directorul General al CERT-RO, Cătălin Aramă, discuțiile fiind moderate de Directorul General Adjunct al CERT-RO, Mircea Grigoraș.
Proiectul eCSI, co-finanțat prin Programul CEF Telecom, beneficiază de o finanțare nerambursabilă în valoare 869.000 euro și își propune să extindă capabilitățile CERT-RO în domeniul securității cibernetice și serviciile pe care instituția le oferă la nivel național. Proiectul va permite interconectarea CERT-RO cu platforma de cooperare dezvoltată la nivel european și va contribui la asigurarea conformității CERT-RO cu cerințele Directivei Uniunii Europene privind un nivel comun ridicat de securitate a rețelelor (Directiva NIS). Durata de implementare este de 2 ani.
Evenimentul de lansare a proiectului își propune să inițieze un dialog cu specialiștii în securitate IT din instituțiile și companiile vizate de Directiva NIS cu privire la modalități concrete de îmbunătățire a cooperării și schimbului de informații, prin discuții aplicate privind platformele pentru schimb de date, formatele de date, interfețele și uneltele recomandate.
Evenimentul reunește reprezentanți ai autorităților și companiilor vizate de Directiva NIS, furnizori de servicii de Internet, reprezentanți ai mediului academic și specialiști în securitate cibernetică.
Persoana de contact: Cătălin Pătrașcu – Manager de proiect (telefon 031 6202187, fax 031 6202190, e-mail: [email protected]).