We were born in 2011. While we are administratively hosted within the Directorate-General for Digital Services of the European Commission, our nature is that of an inter-institutional provider, governed by a Steering Board that is currently chaired by the European Parliament, and serving all the EU institutions, bodies and agencies (a.k.a. the EUIBAs, our constituents), located in the continent and beyond.
As one of the most mature cyberdefence entities in Europe and a central cybersecurity cog of the EU, we take pride in contributing to the security of the ICT infrastructure of our 80+ constituents by helping them prevent, detect, mitigate and respond to cyberattacks, and by acting as the cybersecurity information exchange and incident response coordination hub for all of them.
Our staff of more than 40 passionate, dedicated cybersecurity experts, working in a very congenial work environment, offer a wide range of services to our constituents spanning prevention, detection, response and cyber threat intelligence. For example, we coordinate response to cybersecurity incidents and ensure that information is efficiently exchanged with our constituents. We monitor and hunt for threats, perform technical assessments, Red Team and phishing exercises. We also organise cyber awareness sessions for our constituents and give them guidance as well as contribute to and participate in cyber exercises such Cyber Europe and Locked Shields.
Thanks to our highly mature cyber threat intelligence capability, we keep tabs on the threat landscape to better defend our constituents and regularly exchange information with peers and partners around the world to create as comprehensive a situational awareness as possible.
We are a member of the CSIRTs Network (CNW), the European Government CSIRTs Group (EGC), FIRST, Trusted Introducer, and other fora. We have a structured cooperation with ENISA, the EU Agency for Cybersecurity, with whom we work closely. And in 2016, we signed a technical agreement with the NATO Computer Incident Response Capability (NCIRC) to exchange cybersecurity information.
Our legal basis can be found in the Interinstitutional Agreement C 12/1, published in the Official Journal of the EU as Interinstitutional Arrangement 2018/C 12/01. Feel free to also get a look at our RFC2350.
Scroll down to learn more about our teams.
Forensics and Operational Response to Cyber Events
Threats shall not pass! Our Blue Team is here to detect, protect and respond. We got our constituents’ backs through specialised SOC services as well as continuous threat monitoring and hunting. And we leverage top-notch Human Powered Expertise™ in our investigations. At CERT-EU we are proud to provide incident support and coordination for all EUIBAs!
Cyber Threat Intelligence
Information is power! Our CTI analysts constantly monitor, merge, analyse and contextualise threat information and reports from various sources. Through regular reporting to our constituents, we build our collective awareness on cyber threats. Moreover, ad hoc reporting provides timely, actionable information to support our constituents’ fight against a wide variety of adversaries.
We hack our constituents for their own good (with their permission of course)! Our Red Team puts our constituents’ systems to the test and it shall aid the hardening of their infrastructure, through ethical hacking techniques, vulnerability assessments, phishing exercises, customised penetration tests and Red Team exercises.
Where all the magic happens! Our internal team of engineers, IT admins and developers is committed to maintaining and enhancing our infrastructure, procedures and tools. With a focus on automating and integrating projects and improving workflows within the CERT-EU environment, all the while continuously strengthening our operational security and resilience, we improve our performance and service quality, in order to maximise value for our constituents.
We are in this together! Our Cooperation team acts as the external interface of our organisation, it builds trust and maintains strategic relationships with our peers and partners with a view to fostering the Union’s cybersecurity. We solidify operational cooperation through structured collaborations and we support EU policy and decision-making with our collective technical expertise, for the benefit of all EUIBAs and the Union.
We are there for our constituents! The SECCON team of specialists is there to advise our constituents on the optimal use of our services and make sure these services meet their expectations. We aim at enhancing the overall security posture of all EUIBAs, through guidance documents, awareness sessions, maturity assessments and regular stocktaking meetings.