What are CERTs

Computer Emergency Response Teams (CERTs) are organisations dedicated to the protection of information security and can be established at the national level, at the sectoral level (such as finance or energy) as well as within a single entity (e.g. company CERTs). Alternatively, these types of organisations are called CSIRT (Computer Security Incident Response Team) or CIRT (Computer Incident Response Team). 

Depending on the legal framework, the role of CERT can be educational, advisory, preventive and investigative, which includes monitoring accidents at the national level, providing early warnings and information on risks and incidents in the field of information security, but also promoting security culture among citizens, in state institutions and the private sector. 

Due to the fact that they are in charge of a limited number of specific information systems, special CERTs usually have an incident management function, which implies a more active role in the process of restoring normal system functioning, incident and malware analysis. 

The first organisation of this kind is the CERT Coordination Center (CERT / CC) of the Software Engineering Institute at Carnegie Mellon University in Pittsburgh, USA. As early as 1990, national organisations founded the international organization FIRST (Forum of Incident Response and Security Teams), which currently has more than 500 members worldwide. FIRST brings together CERT teams at the state level, commercial CERTs and academic CERTs.