Trust is the cornerstone of incident response. To guarantee an optimal level of service to Crédit Agricole Group entities and ensure fluid cooperation with the international community, CERT-AG relies on recognized standards and strict reference frameworks.
Standardized Identity (Towards RFC 2350)
To collaborate effectively in a crisis, security teams must speak the same language. We make available our RFC 2350, our team’s standardized identity card. It clearly defines our scope, our secure communication modes, and our intervention policies. It is the entry point for any entity wishing to interact with us.
Maturity Assessment (Towards SIM3)
Cybersecurity is a continuous improvement process. CERT-AG adopts the SIM3 (Security Incident Management Maturity Model) to steer its skills development. This repository allows us to evaluate our maturity on four fundamental axes: organization, human resources, tooling, and processes. It attests to our ability to operate according to industry best practices (TF-CSIRT / FIRST).