Incident Response

  • Incident Triage
    • Determining whether an incident is authentic.
    • Assessing and prioritizing the incident.
  • Incident Coordination
    • Determine the involved organizations.
    • Contact the involved organizations to investigate the incident and take the appropriate steps.
    • Facilitate contact to other parties which can help resolve the incident.
    • Send reports to other CERTs
  • Incident Resolution
    • Advice local security teams on appropriate actions.
    • Follow up on the progress of the concerned local security teams.
    • Ask for reports.
    • Report back.
    • CERT-GH will also collect statistics about incidents within its constituency.
  • Proactive Activities.
    • CERT-GH tries to raise security awareness in its constituency.
    • Collect contact information of local security teams.
    • Publish announcements concerning serious security threats.
    • Observe current trends in technology and distribute relevant knowledge to the constituency.
    • Provide results for community building and information exchange within the constituency.