The Computer Emergency Response Team/Coordination Center (CERT.UG/CC) is the first official National Computer Security Incident Response Team to be launched in Uganda. Its establishment helps to ensure the protection of the nation's Critical Information Infrastructures, assist in drafting the overall plan on the country's approach to cyber security related issues and thus can serve as a focal point for further building and implementing the National Culture of cyber security.
The National CERT will also better equip and organise Uganda to effectively analyse and respond to cyber threats, pay particular attention to improving cyber security to ensure better protection of Uganda's ICT infrastructure and the availability of dependent services and support provided to government agencies, citizens and businesses. Many of these services are part of our daily life and have a direct impact on a company's economic well-being and progress.
CERT-UG/CC facilitates communication with experts both locally and internationally to assist in the solving of security incidents. Your cooperation and support towards the center’s operation is encouraged in order to improve on the awareness and understanding of information and security concerns in Uganda.
The National CERT is a collaborative effort spearheaded by the Ministry of Information and Communications Technology through the National Information Technology Authority- Uganda (NITA-U).
CERT-UG/CC is developed and managed by the NITA-U. Within this center a group of qualified individuals referred to as the Advisory team are in charge in the administration, procedures and policy of the CERT-UG/CC thus providing the necessary support and services while reviewing and responding to the cyber security incidents that are faced.
The members of the Advisory team are as follows:
Mr. Arnold Mangeni , CISSP ® - Director Information Security, NITA-U.
Mr. Peter Kahiigi, CISM, CISSP ® - Director E-Government Services, NITA-U.
Ms. Vivian Ddambya, CISSP ® - Director of Technical Services, NITA-U
CERT-UG/CC strives to:
- Establish a management organisation & structure to respond effectively to cyber security incidents
- Improve information security awareness
- Accomplish maximum performance
- Provide analytical support, analysis & advice on cyber security in Uganda
Spread the word
CYBER SECURITY PROTECTION
CERT UG aims to provide benchmark services and support on issues relating to information and cyber security while focusing on incident handling, analysis and immediate effective response to security incidents and vulnerabilities to prevent and mininmize damage.
'A secure and solid internet for all Ugandans.'
CERT-UG/CC aims at providing the necessary services to handle incidents and support the affected parties to recover from breaches. The advice, services and support provided by the National CERT takes form of the website content provided for its audience in need. It is a trusted source of information and advice on cyber security issues in Uganda that provides advice,support and guidance in many forms from written advisories to sectoral briefs.
We provide a variety of services including email, hotline support, technical guidance on incident response support, mitigating cyber threats, information collaboration and capacity building.Our aim is to help and support all Ugandans in awareness of information on major issues on cyber security.
CERT Uganda delivers the following services indicated below:
- Alerts and Warnings
- Incident Handling
- Incident analysis Incident response support
- Incident response coordination
- Incident response on site
- Vulnerability Handling
- Vulnerability analysis
- Vulnerability response
- Vulnerability response coordination
- Child online protection
- Technology Watch
- Security Audits or Assessments
- Configuration and Maintenance of Security
- Development of Security Tools
- Intrusion Detection Services
- Security-Related Information Dissemination
Artifact handling contains the analysis of any file or object found on a system that might be involved in malicious actions, like leftovers from viruses, worms, scripts, trojans, etc.
It also contains the handling and distribution of resulting information to vendors and other interested parties, in order to prevent further spreading of malware and to mitigate the risks. The services offered include;
- Artifact analysis
- Artifact response
- Artifact response Coordination
Security Quality Management
Security and Quality management services are services with longer term goals and include consultancy and educational measures. The specific services are;
- Risk Analysis
- Business Continuity and Disaster Recovery
- Security Consulting
- Awareness Building
- Product Evaluation or Certification
The National CERT will be complimentary to services and information provided from the United States of America Computer Emergency Readiness Team (US-CERT) Egyptian Computer Emergency Response Team (EG-CERT), Japanese Computer Response Team (JPCERT/CC) and Korean Computer Emergency Response Team (Kr-CERT/CC)
Having a dedicated IT security team helps to mitigate and prevent major incidents and helps to protect valuable assets in the country. Further possible benefits are:
- Having a centralized coordination for Information Technology security issues .
- Centralized and specialized handling of and response to IT incidents.
- Having the expertise at hand to support and assist the users to quickly recover from security incidents.
- Dealing with legal issues and preserving evidence in the event of a lawsuit.
- Keeping track of developments in the security field.
- Stimulating cooperation within the country on IT security (awareness building).