1st Formal CSIRT Network Meeting

1st Formal CSIRT Network Meeting

Date: Feb 22, 2017

Note Video best viewed using Microsoft Internet Explorer

The 1st Formal CSIRT Network Meeting was held in Malta between the 22nd and 23rd February 2017.  The meeting was organised by CSIRTMalta, within CIPD, in collaboration with the European Network and Information Security Agency ENISA as part of the Maltese Presidency of the Council of the European Union (Jan – June 2017).  

The Directive on Security of Network and Information Systems ('NIS Directive') represents the first EU-wide rules on cybersecurity. The objective of the Directive is to achieve a high common level of security of network and information systems within the EU, by means of improved cybersecurity capabilities at national level, increased EU-level cooperation and risk management and incident reporting obligations for operators of essential services and digital service providers. The NIS Directive (EU) 2016/1148 is a major milestone towards building cybersecurity resilience on the European level and the Directive entered into force in August 2016. 

Pursuant to Article 9 of the Directive, each Member State shall designate one or more CSIRTs responsible for risk and incident handling at a national level. Furthermore, Article 12 of the Directive sanctions the creation of a group of national CSIRTs whose goal is to foster confidence and trust between Member States and to promote swift and effective operational cooperation. The CSIRT Network must be operational six months after the entry into force of the Directive, that is, February 2017. The CSIRT Network shall be composed of representatives of the Member States CSIRTs and CERT-EU. The Commission shall participate in the CSIRTs Network as an observer while, EU’s Agency for Network and Information Security (ENISA) shall provide the secretariat and shall actively support the cooperation among the CSIRTs.


The CSIRTs Network will operate in parallel to existing networks of CSIRTs, both within and outside the EU. The unique characteristic of the CSIRTs Network is that it involves all EU Member States and CERT-EU, and is therefore well-positioned to enhance trust and cooperation across the Union. The creation of a solid trusted network in which information exchange on CSIRT services, operations and cooperation capabilities among all participating CSIRTs and in accordance with Article 12 of the Directive, will commence formally in Malta on the 22nd and 23rd February 2017 during the Maltese Presidency of the Council of the European Union.

About the Meeting​​​​​​​​​​

The CSIRT Network, as defined by the NIS Directive, conducts the first formal CSIRT Network Meeting, organised by the Maltese Presidency in Sliema Malta, on February 22nd and 23rd .
ENISA along with representatives from the European CSIRT Community, CERT-EU and the European Commission:
  • Presented  work relevant to the group capabilities and betterment of these
  • Adopted the Terms or Reference and Rules of Procedures that define the group
Among others, the CSIRT Network adopted the short term goals that will be taking place in the next 18 months, (February 2017 to August 2018​) and formed the Working Groups for the execution of these.
The formation of five working groups as follows:
  • WG1: ENISA Portal testing
  • WG2 : Maturity level
  • WG3: Specific requirements for operational services
  • WG4: SOPs
  • WG5: Communications with the Cooperation Group

Note: Next formal CSIRT network meeting is scheduled for May 2017 in Estonia. Malta CIP will be chairing the meeting as part of the Maltese Presidency program. (More details will follow in due time).