Understanding that Computer Security Incident Response Team (CSIRTs) exist to protect and defend from cyber-attacks particularly on sensitive critical/strategic infrastructure that may have an impact on national or economic security and public safety. The OCWAR-C Project has to date conducted trainings for Member States on the Basics of CSIRT (Software Environment and Managerial Aspects) in English, Portuguese, and French.

These trainings were open to all countries regardless of their CSIRT maturity level or the existence of a CSIRT. The next set of training sessions are specialised and will focus on Incident handling and Threat Analysis for Member States with operational CSIRTS.

To train participants in standardized procedures and methods, to be used for prompt and efficient response, documentation, analysis, reporting of incidents, and ongoing management. Those standardized procedures and methods will be specific to different cases of incident: Botnet, Phishing, Malware (Ransomware, Spyware, Keyloggers, Trojans, Viruses), Web Defacement/Intrusion, Distributed Denial-of-service, etc.