ENISA Report: New Light Shed on Capabilities in Energy & Healthcare
A new report released by the EU Agency for Cybersecurity (ENISA) showcases the product vulnerability management landscape, unveiling challenges faced by sectoral CSIRTs and PSIRTs.
Europeans can count on more than 500 Computer Incident Response Teams (CSIRTs) and on the CSIRTs network to respond to cybersecurity incidents and attacks.
In addition to CSIRTs, Product Security Incident Response Teams (PSIRTs) have emerged more recently. Their role is to manage the vulnerabilities of a company’s products and services.
PSIRTs have been mostly developed in a heterogeneous way. For instance, while some of them are well developed and independent from the main Incident Response (IR) team of the host company, others belong to their Security Operations Centre (SOC) or are just part of the development team.
Why a report on CSIRTs and PSIRTs capabilities?
The Directive on Security of Network and Information Systems (NISD) adopted in 2016 provides legal measures to boost the level of cybersecurity in the EU. Both CSIRTs and PSIRTs are essential players in the global Incident Response (IR) ecosystem.
The study published today - PSIRT Expertise and Capabilities Development - provides recommendations on the role of PSIRTs in the IR setup of the Member States according to the NISD, specifically in the energy and health sectors.
ENISA had already explored in detail the IR setup across all sectors of the NISD in a study published in 2019: “EU Member States incident response development status report”.
Sectoral PSIRTs, such as those in the energy or healthcare sectors, may benefit from an aligned approach in terms of processes and collaboration to ensure legal compliance in relation to their business partners, clients and possibly Operators of Essential Services or other actors subject to EU cybersecurity regulation.