Sectoral CERT

Sectoral Computer Emergency Responsa Team

Sectoral CERT

Cybersecurity Act 2019 stipulates that the National Cyber Security Committee (NCSC) has the power to prescribe the characteristics, duties and responsibilities of the Sectoral Computer Emergency Response Team (Sectoral CERT). In this regards, Government agencies or Regulators having readiness to supervise the organizations of Critical Information Infrastructure (CII) are assigned to be responsible for coordinating, monitoring, responding, and resolving cyber threats for CII in whole or in part. Moreover, consideration for the prescription of such mission or services of Sectoral CERTs shall be in accordance with the rules prescribed by the Committee.

Sections in the Cybersecurity Act 2019

Section 50

  • The Committee has the power to prescribe the characteristics, duties, and responsibilities of the coordinating agency for maintaining the security of computer systems for the Organization of Critical Information Infrastructure of section 49 to coordinate, monitor, cope with, and resolve Cyber Threats by prescribing the Government Agency that is ready or such Critical Information Infrastructure Supervising or Regulating Organization to perform such duties for the Organization of Critical Information Infrastructure in accordance with section 49, in whole or in part.
    Consideration for the prescription of such mission or services under paragraph one shall be in accordance with the rules prescribed by the Committee, which shall be published in the Government Gazette. The Committee shall consider and review such prescription of the mission or services on a case-by-case basis as appropriate.

Section 52

  • For the benefit of coordination, the Organization of Critical Information Infrastructure shall notify the name and contact information of the owner, the person possessing the computer, and the person monitoring the computer system to the Office, its Supervising or Regulating Organization, and the organization under section 50, within thirty days from the date the Committee prescribes the notification in accordance with section 49 paragraph two and section 50 paragraph two, or from the date the Committee issues a final judgement in accordance with section 51, as the case may be; the owner, the person possessing the computer, and the person monitoring the computer system shall at least be a person responsible for the management of such Organization of Critical Information Infrastructure.
    In case there is any change to the owner, the person possessing the computer and the person monitoring the computer system in accordance with paragraph one, notice of change to the relevant organizations under paragraph one shall be given not less than seven days in advance, unless there is reasonable cause which is inevitable, it shall be notified without delay.

Section 59

  • When it appears to the Supervising or the Regulating Organization, or when the Supervising or the Regulating organization is notified of an incident in accordance with section 58, the Supervising or Regulating Organization in cooperation with the organization under section 50 shall gather information, examine, analyze the situation, and evaluate the effects related to the Cyber Threat and shall perform the following:
    (1) support and grant assistance to the Government Agency or Organization of Critical Information Infrastructure under the supervisor or regulation and cooperate and coordinate with the Office to prevent, cope with, and mitigate the risks from the Cyber Threat;
    (2) notify the Government Agency or Organization of Critical Information Infrastructure under its supervision or regulation, including other relevant Government Agencies or Organizations of Critical Information Infrastructure without delay.