A national CSIRT for Costa Rica
March 30, 2015
Together with the Ministry of Science, Technology and Telecommunications, NIC Costa Rica is advancing in the implementation and operation of a national CSIRT. With this backdrop, LACNIC organized its first AMPARO computer security workshop in San Jose.
In the opinion of Wilmer Ramirez Morera , engineer with the Cybersecurity Unit of Costa Rica´s Ministry of Science, Technology and Telecommunications, the AMPARO workshop was a very rewarding and well-designed initiative. Ramirez Morera briefly explained and presented practical examples of the different steps involved in setting up a CSIRT.
“The workshop and some of the exercises that were presented helped us clear some of the doubts and uncertainties regarding the CSIRT´s scope and functions. The manual has also become a reference for the region on how to set up a computer security incident response team.”
Tomas Ananía, Deputy Executive Director of NIC.CR, said the workshop provided invaluable information for the establishment and operation of a CSIRT from an administrative point of view. He added that the way in which the exercises had been presented “highlighted the need to be properly organized within the CSIRT, as clear roles and proper communications at internal level, towards customers and other CSIRTs will determine the CSIRT´s ability to respond and solve any incidents it may encounter.”
(Free access, no subscription required)
Ramirez believes that the workshop will be an invaluable tool for starting up additional CERTs and CSIRTs throughout Central America. Notwithstanding, he argued that there are still “great obstacles and challenges ahead for a broader adoption of computer security, the most relevant of which include greater public awareness, a stronger commitment on the part of corporate leadership as regards this issue, and an increase (or the allocation) of computer security team budgets.”
In Ananía´s opinion, one of the major computer security challenges in Costa Rica is precisely the consolidation of the country´s national CSIRT. Both the Ministry of Science, Technology and Telecommunications as well as NIC.CR and other organizations that are cooperating and working to strengthen cybersecurity are very confident that this project will be extremely beneficial for the country. “We must continue to support our CSIRT so that, slowly but surely, a trust network will be created that is able to protect Costa Rica´s critical infrastructure,” Ananía added.
He thanked LACNIC for their help in providing training and support to allow the region to further strengthen its different programs and projects.