Author: ecsi

This activity will provide cybersecurity trainings for managers and IT staff (network and system administrators) from public institutions in Romania, aiming to raise their awareness and cybersecurity knowledge. The activity will contribute to the strengthening of the cybersecurity level of public institutions in Romania. A training room will be set and equipped with 20 mobile workstations (laptops) capable of running virtual machines and having installed a series of software tools/products needed for training sessions. A number of 20 people can be trained simultaneously, each of them having their own training toolkit (laptop and specialized software). CERT-RO will develop it’s own training curricula and materials for the training sessions dedicated to managers and IT staff from public institutions.

This activity aims at increasing CERT-RO’s technical capabilities and personnel expertise in the fields of digital forensics and malware analysis. To this end, a dedicated laboratory equipped with specialized toolkits and a sandbox platform for automation of malware analysis tasks will be set up. Moreover, CERT-RO personnel that will be responsible for Digital Forensics and malware analysis activities will be trained to acquire more specific expertise in these areas, especially in using that type of technology that will equip the laboratory.

This activity will enhance CERT-RO’s communication infrastructure by adding a call centre component (i.e. the National Cyber Call Centre – NC3) which will be used for processing cybersecurity notifications made by phone call.

The NC3 will ensure a 24/7 availability. The call centre will be available to all citizens, public and private organizations in Romania to report cyber security incidents. The service will be provided free of charges for the users (call charges may be applied by telephone operators).

By establishing the NC3, CERT-RO will meet the requirements imposed to national CSIRTs by the N1S Directive, namely: set-up of several means for being contacted and for contacting others (individuals, private and public institutions in the CERT-RO constituency and other entities that CERT-RO cooperates with, including authorities) at all times; high level of availability of communications services, adequately staffed to ensure availability at all times; monitoring incidents at a national level. In order to operate the call centre, staff with a medium IT and information security background and expertise will be recruited and trained.

The NC3 staff will consist of operators hired to this purpose that will work in shifts in order to assure 24/7 availability of the service.

NC3 is operational and available at:  031/62 02 180

This activity aims at building a technical platform, consisting of hardware and software, which will increase CERT-RO’s technical capabilities related to cybersecurity incident management and information sharing,

The platform will be interoperable with the EU cooperation mechanisms and the cybersecurity core service platform established through the Connecting Europe Facility (CEF) Telecom Work Programme 2015 (C{2015) 7381).

The platform will be used to collect, process, disseminate and share data related to cybersecurity incidents, vulnerabilities, threats, events and artefacts, including incident notifications received by CERT-RO. This will enhance CERT-RO’s capabilities for cooperation and information sharing, both at the national level and at the EU level.

In addition to the interfaces and gateways to the cybersecurity core service platform, the technical platform will provide services (information sharing, incident response and coordination, secure communications, data APIs) for different national organizations: digital service providers and operators of essential services (as defined by the NIS Directive), Internet Service Providers, law enforcement authorities, national cybersecurity authorities and other organizations within CERT-RO constituency. In order to assure an efficient sharing and dissemination of the information at the national level, different interfaces (Application Programme Interfaces – APIs) and interconnection software modules will be developed.