
Partnership Between the CERT Coordination Center and US-CERT

In September 2003, the Department of Homeland Security announced the creation of US-CERT, a partnership with the CERT® Coordination Center. The goal of US-CERT is to reduce the frequency and impact of cyber attacks by building a collaborative partnership between computer security incident response teams (CSIRTs), Information Sharing and Analysis Centers (ISACs), managed security service providers (MSSPs), information technology vendors, security product and service providers, and other organizations that participate in cyber watch, warning, and response functions. US-CERT will utilize CERT/CC capabilities to help prevent cyber attacks, protect systems, and respond to the effects of cyber attacks across the Internet.

Frequently Asked Questions

General Questions
  1. Does this mean that the CERT/CC is now a government agency?

    No. The CERT/CC has always received the vast majority of its funding from the U.S. government, and it remains a non-government organization as it always has been.

  2. What are the long-term plans for the CERT/CC?

    The CERT/CC will continue to be a major reporting center for Internet security problems. It will continue to provide technical advice and coordinate responses to security compromises, identify trends in intruder activity, work with other security experts to identify solutions to security problems, and disseminate information to the Internet community. The CERT/CC will also continue to analyze product vulnerabilities, publish technical documents, and present training courses. Some of this work will be performed within the US-CERT partnership, such as the production of Cyber Security Alerts and similar documents.

  3. How will the neutrality of the CERT/CC be maintained?

    Alerts we publish in conjunction with US-CERT will continue to be produced using the same philosophies that the CERT/CC has followed in the past. In our fifteen-year history, we have taken great care to be accurate, fair, and honest about the security risks you face, and we feel a professional obligation to bring you the best, most trustworthy advice we can to help you protect your systems. This same care and sense of obligation will continue with our work in conjunction with US-CERT.

CERT/CC advisories vs. US-CERT alerts
  1. What is really changing here?

    US-CERT produces information on cyber security, including alerts about critical security issues for both technical and non-technical users, as well as bi-weekly updates for technical users and bi-weekly security tips for non-technical users. The biggest change from CERT/CC advisories is the increase in information for the general public.

    US-CERT alerts will not only include the content historically produced by CERT/CC staff, but will also integrate additional content contributed by other organizations from both the public and private sectors. We will maintain the same high quality control standards, edit content for security and privacy, and work to ensure technical accuracy as well as timeliness.

  2. Won't it be complicated having some advisories on one site (CERT/CC) and others on another (US-CERT)?

    Advisories previously produced by the CERT/CC will be available from the CERT/CC web site. US-CERT alerts will be posted to the US-CERT web site, with links on the CERT/CC web site to the most recent alerts.

Mailing lists

  1. What will happen to the CERT advisory mailing list?

    We have developed a plan to ensure uninterrupted service to our readers while preserving their privacy expectations. No new subscriptions will be accepted to the CERT advisory mailing list, and it will eventually be phased out after subscribers have had an opportunity to subscribe to one or more of the US-CERT mailing lists. The transition period will also allow subscribers to modify spam and email filters they may currently use to manage incoming CERT advisories. Subscribers to the CERT/CC mailing list will be advised well in advance of the termination date for that list.

  2. So right now you're operating both lists?

    We are operating both lists for a period of time to preserve the privacy expectations of the subscribers to the CERT/CC advisory mailing list and to allow network administrators sufficient time to make appropriate adjustments to filters and redistribution engines. However, operating both lists over the long term creates confusion and management complexity.

  3. Will the list of addresses on the current CERT/CC list be given to the government? Will addresses subscribed to the new list be given to the government (US-CERT)?

    The CERT/CC advisory mailing list will remain in the exclusive possession of Carnegie Mellon University, where the CERT/CC is located, and will not be disclosed to others. We will similarly manage the new US-CERT mailing lists, with strict security controls in place. These lists will not be used for any purpose other than sending alerts and other messages, and list maintenance.

  4. What content will be sent to the lists?

    The CERT advisory mailing list will receive the same information sent to the US-CERT's technical alerts mailing list. Details about other US-CERT mailing lists can be found on the US-CERT web site.

Privacy issues

  1. What are the privacy expectations for people reporting incidents or vulnerabilities?

    The CERT Coordination Center will continue to collect incident and vulnerability information provided to it by the Internet community using the same policies it has been using for protecting the identity of people reporting that data.

    The CERT/CC will continue to operate under the vulnerability disclosure policy announced on October 9, 2000.


Last updated: February 26, 2004