Meyer P, Métille S. Computer security incident response teams: are they legally regulated? The Swiss example.
Int Cybersecur Law Rev 2023;
4:39-60. [PMID:
36798529 PMCID:
PMC9923885 DOI:
10.1365/s43439-022-00070-x]
[Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [What about the content of this article? (0)] [Affiliation(s)] [Abstract] [Key Words] [Track Full Text] [Figures] [Subscribe] [Scholar Register] [Received: 09/02/2022] [Accepted: 10/01/2022] [Indexed: 11/09/2022]
Abstract
Computer Security Incident Response Teams (CSIRTs) or Computer Emergency Response Teams (CERTs) are an integral part of incident handling capabilities and are increasingly demanded by organizations such as critical infrastructures. They can hold many different skills and are of great interest to organizations in terms of cyber security and, more concretely, cyber incident management. This contribution seeks to analyze the extent to which their activity is regulated under Swiss law, considering that private CSIRTs are not regulated in the same way as governmental and national CSIRTs such as the Computer Emergency Response Team of the Swiss government and official national CERT of Switzerland (GovCERT).
Collapse