Why was CERT.at founded?

Promoting the Internet in Austria is one of the goals enshrined in the articles of incorporation of the Internet Foundation Austria, nic.at’s owner. Over recent decades the Internet has not only become an essential element of numerous business processes, but is also an integral part of many people’s daily lives. As a result, we have to ensure that we are ideally placed to meet and counter threats and security risks as they emerge. A national CERT as an independent information hub presented itself as the ideal opportunity to leverage the available synergies while promoting the goals of the foundation. The greatest challenge that we faced was establishing an effective team to rapidly embed us in national and international networks and help us establish the level of trust required for quality information exchange. As face to face contact and direct communications are an essential part of this, a significant amount of our initial work focused on building up a network of dependable contacts at home and abroad, rather than the technical side of things.

What were the key milestones?

One significant milestone came right at the start – gov-CERT, a partnership with the Office of the Federal Chancellor, which continues to this day. And thanks to the excellent support we receive from our partner organisations such as the University of Vienna and the Swiss registry SWITCH, we were able to establish ourselves on international committees in no time at all and successfully complete the required accreditation process. With a great deal of dedication and hard work from our employees we achieved some impressive results with a small team – we only had four full-time employees to begin with – attracting international recognition along the way. One other important step was the foundation of the Austrian Trust Circle – an information exchange platform for six key infrastructure sectors (energy, industry, financial, health, transport and ISP). This organisation brings together selected representatives once a quarter who report to their peers on current issues and incidents in a confidential environment in which personal allegiances are put to one side. In 2017 we founded the Austrian Energy CERT (AEC) – the first sectoral CERT in the country – mapping out a new path that attracted a great deal of attention on the international stage and generated an overwhelmingly positive response.

What moment has stayed with you on a personal level?

One personal highlight was hosting the annual international FIRST conference in June 2011 in Vienna, which attracted around 500 participants from all over the world.

Where are things heading?

For us, the next challenge will be to implement the NIS Directive, which sees the national CERT (to the extent that no sector CERT is in place) assume the role as reporting centre for security incidents. This brings increased demands in terms of availability, as well as heightened security for our infrastructure and internal processes.

Go to CERT.at