Critical Information Infrastructure Protection
The CIIP program is concerned with the protection of the information assets in critical sectors such as energy and finance. This program provides and supports essential services critical to maintaining the quality of life in the State of Qatar. To serve this purpose, QCERT studies the needs of specific sectors and their cyber security maturity levels. The studies lead to the development of protection strategies, practice frameworks and tools by working closely with stakeholders.
CyberSecurity Strategy, Policy, Legislation and Compliance
To ensure that all sectors and entities are aware of their obligations towards CyberSecurity, it is necessary to ensure the national legislation and policies are defined
The Supreme Council for Information and Communication Technology (ictQATAR) has developed a National Information Assurance Framework (NIAF). This framework includes a set of Cyber Security Legislations, Standards and Guidelines to assure securing information assets. The scope of this framework covers E-commerce and related transactions, Internet infrastructure security, and protection of critical infrastructure information.
Cyber Incident Management and Coordination
Even with the most comprehensive proactive security prevention processes in place, cyber incidents will occur. Q-CERT target is to contain any possible damage that may arise from incidents. The key is to help organizations and citizens in State of Qatar respond appropriately to incidents through timely reporting, analysis and effective mitigation strategies. Q-CERT’s Incident Management capabilities include:
> Actively and continuously reducing malware infections within Qatar’s networks and systems
> Building an effective cybercrime capability investigation supported with a world class digital forensics technology
For a connected nation, there is a need to conduct proactive research for cyber threats and ensure that attacks can be detected and prevented before they cause real harm. Q-CERT’s cyber security intelligence aims to stay vigilant against possible cyber threats that may arise in today’s networked world, through threat monitoring, trend analysis and advisories. Q-CERT’s initiatives in Cyber Security Intelligence include:
> Providing trend analysis of potential threats and sharing information with stakeholders
> Assisting in detection and prevention of national incidents
To improve the information security posture within the government sector, Q-CERT directs its efforts towards improving the cyber security resilience by conducting risk and security assessments and enabling resilience management. These services help organizations design and maintain their information infrastructure in conformance with relevant standards and conform to accepted global best practices.
Cyber Security Education and Enhancing Technical Capabilities
Technology can deliver its intended benefits only when it is used securely. Q-CERT understands the need to empower users with Cyber Security knowledge to make the most of the available technology. The Cyber Security Education and Training initiative offers a rich series of workshops, tutorials and briefings tailored specifically for technology users. Experienced instructors conduct workshops in both English and Arabic, sharing their expertise and knowledge in sound technology practices.