TIBCERT

Strengthening security and building technical excellence of Tibetan organizations through collaboration and knowledge sharing

Who We Are?

Services

These are some of the services which will be provided to a member organization. The services are outlined below:

Training on Digital Security

Organizational Security Audit

Guidance of secure tools and infrastructure deployment

Digital Security Policy Development and Implementation

Digital Security Incident Response

TibCERT will deploy a helpdesk and members would have priority in terms of response.

TibCERT members will also be invited to participate in trainings on Digital Security and Incident handling to further their own knowledge and capacity.

Membership

TibCERT aims to build a coalition-based structure for preventing and mitigating online threats in the Tibetan Community. To achieve this goal, support services are provided through a membership model. To become a member of TibCERT there are certain criterias which needs to be fulfilled:

Member organization must commit a staff member to join the TibCERT Response working group.

All staff of the office/organisation must be trained on basic Internet security by a response working group member or in a place where Tibet Action has a Digital Security Ambassador. Training will be provided according to the specific needs of the organization.

The organization must have an established digital security policy or commit to developing and implementing a digital security policy in collaboration with a member of the response working group within 6 months of joining TibCERT. In places where Tibet Action has a Digital Security Ambassador, the development of the digital security policy will be conducted by the Digital Security Ambassador.

The organization must be willing to share data on threats they see in their organization (e.g., suspicious emails, malware, etc) with members of TibCERT to help mitigate threats and conduct research by RECON working groups. All groups will abide by specific protocols for how information is shared within TibCERT. This sharing will be guided through Traffic Light Protocol which is a standard used in the information security industry.

The organization must comply with the Traffic Light Protocol for sharing data which is a standard used in the information security industry (available on TibCERT website).

Cost: At present, there is no membership fee for join TibCERT. To ensure the long term sustainability of this important initiative, in the future the membership may decide on a fee-based membership structure. TibCERT is a community based project and community support is essential for sustainability!

Traffic Light Protocol (TLP)

This TLP defines how TibCERT facilitates greater sharing of information and is part of the TibCERT policy in terms of information sharing between:

TibCERT and TibCERT members

TibCERT and the Tibetan community

TibCERT with cybersecurity researchers

TibCERT and the advisory council

TibCERT uses the TLP as defined by FIRST(Forum of Incident Response and Security Teams).

Traffic Light Protocol Definitions

About

The Tibetan Computer Emergency Readiness Team (TibCERT) seeks to create a formal, coalition-based structure for reducing and mitigating online threats in the Tibetan community, as well as to expand Tibetans’ technical research capacity on threats in the diaspora and surveillance and censorship inside Tibet, ultimately ensuring greater online freedom and security for Tibetan society as a whole.

Contact Us

E-Mail:

support(at)tibcert.org

PGP Key

submit(at)tibcert.org

PGP Key

info(at)tibcert.org

PGP Key

support(at)tibcert.org

support@tibcert.org

submit(at)tibcert.org

submit@tibcert.org

info(at)tibcert.org

info@tibcert.org

འགྲིམ་འགྲུལ་གློག་གི་གྲོས་མཐུན་

Definitions

Color	Abbreviation	Description
RED	Not for disclosure, restricted to participants only.	Sources may use TLP:RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party's privacy, reputation, or operations if misused. Recipients may not share TLP:RED information with any parties outside of the specific exchange, meeting, or conversation in which it was originally disclosed. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. In most circumstances, TLP:RED should be exchanged verbally or in person
AMBER	Limited disclosure, restricted to participants’ organizations.	Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may only share TLP:AMBER information with members of their own organization, and with clients or customers who need to know the information to protect themselves or prevent further harm. Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to.
GREEN	Limited disclosure, restricted to the community.	Sources may use TLP:GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. Recipients may share TLP:GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. Information in this category can be circulated widely within a particular community. TLP:GREEN information may not released outside of the community.
WHITE	Disclosure is not limited.	Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction.

Traffic Light Protocol

Definitions

Color	Abbreviation	Description
RED	Not for disclosure, restricted to participants only.	Sources may use TLP:RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party's privacy, reputation, or operations if misused. Recipients may not share TLP:RED information with any parties outside of the specific exchange, meeting, or conversation in which it was originally disclosed. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. In most circumstances, TLP:RED should be exchanged verbally or in person
AMBER	Limited disclosure, restricted to participants’ organizations.	Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may only share TLP:AMBER information with members of their own organization, and with clients or customers who need to know the information to protect themselves or prevent further harm. Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to.
GREEN	Limited disclosure, restricted to the community.	Sources may use TLP:GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. Recipients may share TLP:GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. Information in this category can be circulated widely within a particular community. TLP:GREEN information may not released outside of the community.
WHITE	Disclosure is not limited.	Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction.