Action number 2017-CY-IA-0121, under the Agreement INEA/CEF/ICT/A2017/1528701 “Establishment of Cypriot Academic CSIRT”, commenced on 1st September 2018 and was completed on 31st May 2021. With the completion of the Action, the Academic CSIRT of Cyprus, namely CYNET-CSIRT, has been fully established.
During this period, CYNET-CSIRT has fulfilled its obligations and has managed to build a wide collaboration network with corresponding groups both in Cyprus and abroad. Such examples are the Academic Computer Security Incident Response Teams of Greece (GRNET CERT) and Portugal (RCTS CERT), the National Computer Security Incident Response Teams of Cyprus (National CSIRT-CY) and Portugal (CERT.PT). Moreover, CYNET-CSIRT has been the mentor of Kiev’s Academic Team (URAN-CERT), spreading its know-how and experience and assisting colleagues in realizing the proper development of their services, the monitoring of the necessary trainings, the acquisition of the necessary equipment and tools, in order to lay the necessary foundations for the establishment of their Team. Furthermore, CYNET-CSIRT has become a member of the Forum of Incident Response Security Teams (FIRST) and is listed as an accredited candidate in the Trusted Introducer (TI) Teams. The CYNET-CSIRT Team is fully operational and the Team provides cybersecurity services to all research and academic institutions which are members of the Cyprus Research and Academic Network (CYNET).
In addition, CYNET-CSIRT has established a collaboration with GÉANT-CSIRT and GÉANT-SOC. This collaboration provides access and allows CYNET-CSIRT to spot potential events detected daily. This work covers investigating the incident, recommending and supporting the network integrity. Moreover, CYNET-CSIRT has the opportunity to collaborate, share experiences, challenges and views, which is a fundamental principle of the GÉANT community. Another opportunity is the exchange of interesting suggestions for future activities in collaboration with National Research and Education Networks (NRENs). The main objective is to focus on specific SOC tools and tool integrations as useful examples to share with the community.
Building a modern Computer Security Incident Response Team is challenging, since security has significantly evolved through the years. Deciding which technologies, techniques and methods should be supported, are all hard decisions. Thus, CYNET-CSIRT has developed the Cybersecurity Platform (CyNet-csirt/csp). The architecture of CSP platform has been designed and developed based on Model-View-Controller (MVC) web application principles. More precisely, the system has two major modules: a. the windows-based web application module and b. the Linux cybersecurity tools.
Following the completion of the Action, CYNET-CSIRT is organising a final conference where the academic and research community, as well as other associates and interested parties will be invited and informed on the results of the Action. For the purposes of the conference, speakers from EU countries where Academic CSIRTs are already established and in a mature phase, will be invited with the purpose of transferring their knowledge and know-how on best practices. Moreover, there will be dissemination of the event on social media, website etc.