Strengthening security and building technical excellence of Tibetan organizations through collaboration and knowledge sharing

Who We Are?




Services

These are some of the services which will be provided to a member organization. The services are outlined below:

Training on Digital Security

Organizational Security Audit

Guidance of secure tools and infrastructure deployment

Digital Security Policy Development and Implementation

Digital Security Incident Response

TibCERT will deploy a helpdesk and members would have priority in terms of response.

TibCERT members will also be invited to participate in trainings on Digital Security and Incident handling to further their own knowledge and capacity.

Membership

TibCERT aims to build a coalition-based structure for preventing and mitigating online threats in the Tibetan Community. To achieve this goal, support services are provided through a membership model. To become a member of TibCERT there are certain criterias which needs to be fulfilled:

Member organization must commit a staff member to join the TibCERT Response working group.

All staff of the office/organisation must be trained on basic Internet security by a response working group member or in a place where Tibet Action has a Digital Security Ambassador. Training will be provided according to the specific needs of the organization.

The organization must have an established digital security policy or commit to developing and implementing a digital security policy in collaboration with a member of the response working group within 6 months of joining TibCERT. In places where Tibet Action has a Digital Security Ambassador, the development of the digital security policy will be conducted by the Digital Security Ambassador.

The organization must be willing to share data on threats they see in their organization (e.g., suspicious emails, malware, etc) with members of TibCERT to help mitigate threats and conduct research by RECON working groups. All groups will abide by specific protocols for how information is shared within TibCERT. This sharing will be guided through Traffic Light Protocol which is a standard used in the information security industry.

The organization must comply with the Traffic Light Protocol for sharing data which is a standard used in the information security industry (available on TibCERT website).

Cost

At present, there is no membership fee for join TibCERT. To ensure the long term sustainability of this important initiative, in the future the membership may decide on a fee-based membership structure. TibCERT is a community based project and community support is essential for sustainability!

Traffic Light Protocol (TLP)

This TLP defines how TibCERT facilitates greater sharing of information and is part of the TibCERT policy in terms of information sharing between:



TibCERT and TibCERT members

TibCERT and the Tibetan community

TibCERT with cybersecurity researchers

TibCERT and the advisory council



TibCERT uses the TLP as defined by FIRST(Forum of Incident Response and Security Teams).

About

The Tibetan Computer Emergency Readiness Team (TibCERT) seeks to create a formal, coalition-based structure for reducing and mitigating online threats in the Tibetan community, as well as to expand Tibetans’ technical research capacity on threats in the diaspora and surveillance and censorship inside Tibet, ultimately ensuring greater online freedom and security for Tibetan society as a whole.

Contact Us

E-Mail:

info@tibcert.org

PGP Key