Hi All,
ENISA recently published: Product Security Incident Response Team (PSIRT) EXPERTISE AND CAPABILITIES DEVELOPMENT Health and Energy study and recommendations
This study focuses on the Sectoral Computer Security Incident Response Team (CSIRT) and
Product Security Incident Response Team (PSIRT) capabilities status and development within
the energy and healthcare sectors as specified within the NIS directive. This report follows the
December 2020 publication of Sectoral CSIRT Capabilities - Status and Development in the
Energy and the Air Transport sectors.
Desk research has been conducted, followed by a survey which was answered by 7 PSIRTs
and 22 CSIRTs from 19 EU Member States. The relatively low number of PSIRTs, especially of
those with a scope limited to the energy and healthcare sectors, led us to include more CSIRTs
and more sectors in the study. The findings and recommendations still apply to the energy and
healthcare sectors, but also offer a wider view of the product vulnerability management
landscape.
As a result, 12 key findings were identified, and 9 recommendations have been proposed.
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------