TZ-CERT is authorized to address all types of computer security incidents which occur, or threaten to occur, in their Constituency and which require cross-organizational coordination.
The level of support given by TZ-CERT will vary depending on the type and severity of the incident or issue, the type of constituent, the size of the user community affected, and TZ-CERT’s resources at the time. Special attention will be given to issues affecting critical infrastructure.
TZ-CERT is committed to keeping its constituency informed of potential vulnerabilities, and where possible, will inform this community of such vulnerabilities before they are actively exploited.
Below are the TZ-CERT roles and functions
- To maintain a trusted National focal Point of Contact (PoC) within and beyond the national boarders that responds to Cyber security incidents;
- To develop, maintain and communicate cyber security procedures and standards to the constituencies;
- To define and communicate CERT services to the constituencies;
- To provide quality support and services to the defined constituencies in a timely and effective manner;
- To establish and maintain a database of constituents’ profile for efficient Service delivery and support;
- To develop and maintain a website for public and closed members, mailing list and other communication channels for efficient communication
- To develop and define communication approach and information sharing among the constituents, service providers and stakeholders;
- To develop and deliver a set of crucial reactive services to the public for continuous awareness and knowledge sharing;
- To Forecast and broadcast alerts on cyber security incidents;
- To take Emergency measures for handling cyber security incidents;
- To issue guidelines, advisory and vulnerability notes and relating to information on security practices, procedures, prevention, response and Reporting of cyber threats;
- To develop a collaborative relationship with other CERT type organisations and associates;
- To raise awareness and provide training to sectoral security CERTs;
- To escalate the security and other related incidences to national security and law enforcement agencies for further action including prosecution;
- To perform on demand and scheduled security audits to critical ICT infrastructure and critical services in order to assess their vulnerabilities to Cyber security threats;
- To coordinate other sectoral specific CERTs including Government Network CERT established under their respective legislation and to as a bridge between them and International CERTs.