On the 2nd of June the NORDUnet CERT team successfully completed the Trusted Introducer certification, making it one out of only 17 European security teams achieving the highest level of maturity in Security Incident Management.
The Trusted Introducer certification shows evidence of team maturity, utilizing adequate tools and training. The Certification is based on the Security Incident Management Maturity Model SIM3 and assessed by two auditors.
The Trusted Introducer service was established by the European computer security community CERT in 2000 to build a service infrastructure providing vital support for all security and incident response teams.
It forms the trusted backbone of infrastructure services and serves as clearinghouse for all security and incident response teams. It lists well known teams and accredits as well as certifies teams according to their demonstrated and checked level of maturity.
According to Jonny Lundin, head of NORDUnet Networks Operations Center in Stockholm, the certification is an important step for his team:
– Trust is important, and now we have proven to our colleagues around Europe, that we are trustworthy. Having achieved the highest level of maturity, we can cooperate with organisations similar to ours on the highest level of trust.
– Also, the framework of the SIM3 model has helped us sharpen our procedures, NORDUnet information security manager at NORDUnet Jacob Asbæk Wolf adds.
– The model measures your performance within four different parameters: organisation, tools, processes and human parameters. As an example, the certification procedure has helped us improve training of new staff members and to create a proven and structured approach to security incidents.
The Trusted Introducer certificate is valid for three years. At that time you have to apply for re-certification.
There are three steps of the TI CERT membership:
1: Listed member: 274 organisations
2: Accredited members: 136 organisations
3: Certified members: 17 organisations
To learn more about the Trusted Introducer initiative please go to the website https://www.trusted-introducer.org/directory/index.html
