Strengthening security and building technical excellence of Tibetan organizations through collaboration and knowledge sharing
Strengthening security and building technical excellence of Tibetan organizations through collaboration and knowledge sharing
These are some of the services which will be provided to a member organization. The services are outlined below:
Training on Digital Security
Organizational Security Audit
Guidance of secure tools and infrastructure deployment
Digital Security Policy Development and Implementation
Digital Security Incident Response
TibCERT will deploy a helpdesk and members would have priority in terms of response.
TibCERT members will also be invited to participate in trainings on Digital Security and Incident handling to further their own knowledge and capacity.
TibCERT aims to build a coalition-based structure for preventing and mitigating online threats in the Tibetan Community. To achieve this goal, support services are provided through a membership model. To become a member of TibCERT there are certain criterias which needs to be fulfilled:
Member organization must commit a staff member to join the TibCERT Response working group.
All staff of the office/organisation must be trained on basic Internet security by a response working group member or in a place where Tibet Action has a Digital Security Ambassador. Training will be provided according to the specific needs of the organization.
The organization must have an established digital security policy or commit to developing and implementing a digital security policy in collaboration with a member of the response working group within 6 months of joining TibCERT. In places where Tibet Action has a Digital Security Ambassador, the development of the digital security policy will be conducted by the Digital Security Ambassador.
The organization must be willing to share data on threats they see in their organization (e.g., suspicious emails, malware, etc) with members of TibCERT to help mitigate threats and conduct research by RECON working groups. All groups will abide by specific protocols for how information is shared within TibCERT. This sharing will be guided through Traffic Light Protocol which is a standard used in the information security industry.
The organization must comply with the Traffic Light Protocol for sharing data which is a standard used in the information security industry (available on TibCERT website).
Cost
At present, there is no membership fee for join TibCERT. To ensure the long term sustainability of this important initiative, in the future the membership may decide on a fee-based membership structure. TibCERT is a community based project and community support is essential for sustainability!
This TLP defines how TibCERT facilitates greater sharing of information and is part of the TibCERT policy in terms of information sharing between:
TibCERT and TibCERT members
TibCERT and the Tibetan community
TibCERT with cybersecurity researchers
TibCERT and the advisory council
The Tibetan Computer Emergency Readiness Team (TibCERT) seeks to create a formal, coalition-based structure for reducing and mitigating online threats in the Tibetan community, as well as to expand Tibetans’ technical research capacity on threats in the diaspora and surveillance and censorship inside Tibet, ultimately ensuring greater online freedom and security for Tibetan society as a whole.
