TF-CSIRT Purpose

TF-CSIRT evolves and fosters an independent and trusted community that encourages collaboration within the incident response space and provides opportunities for both organisations and individuals, to improve and grow.

Why Us?

TF-CSIRT operates with a European mindset, and strives to make its services and meetings inclusive, accessible, easy-to-reach, and affordable for all CSIRTs (as well as SOCs, PSIRTs, ISACs, and other incident response teams) with a focus on Europe – regardless of sector. Through the Trusted Introducer service, TF-CSIRT offers well-maintained up-to-date contact information and provides teams with recognition status via its differentiated listing, accreditation and certification processes.

Strategic goals

The TF-CSIRT Steering Committee has set the following strategic aims for 2024 – 2028:
  1. Deliver the community affordable and inclusive Events with a community driven program to give the ability to connect to each other.
  2. Organise affordable and plentiful Trainings for the community.
  3. Create a resilient and sustainable community
  4. Safeguard and enhance maturity process for Incident Response related teams
  5. Improve internal organisational processes

General Background

Computer security incidents require fast and effective responses from the organisations concerned. Computer Security Incident Response Teams (CSIRTs) are therefore responsible for receiving and reviewing incident reports, and responding to them as appropriate. TF-CSIRT is a task force that promotes collaboration and coordination between CSIRTs in Europe and neighbouring regions, whilst liaising with relevant organisations at the global level and in other regions.

Goals of TF-CSIRT

TF-CSIRT provides a forum where members of the CSIRT community can exchange experiences and knowledge in a trusted environment in order to improve cooperation and coordination. It maintains a system for registering and accrediting CSIRTs, as well as certifying service standards.
TF-CSIRT also develops and provides services for CSIRTs, promotes the use of common standards and procedures for handling security incidents, and coordinates joint initiatives where appropriate. This includes the training of CSIRT staff, and assisting in the establishment and development of new CSIRTs.
TF-CSIRT further liaises with GÉANT, RIPE NCC, FIRST, ENISA, other regional CSIRT organisations and initiatives.