Security and Incident Response teams manage the handling of information security incidents within their organisation or network - their tasks broadly range from prevention and awareness raising, via incident detection to the actual tracking and resolving of incidents and drawing lessons from that. The Trusted Introducer Service - a.k.a. TI - was established by the European CERT community in 2000 to address common needs and build a service infrastructure providing vital support for all security and incident response teams.
To safeguard the trusted environment a comprehensive set of processes have been defined, outlining what it takes to participate and maintain a team's status within the TI community. This requires a long-term committment of the participating teams and individuals and the TI processes emphasize the need for continuous improvement and maintenance as regular tasks.
The TI service differentiate between four categories:
- teams are
- listed, which provides basic information about the team itself as well as shows endorsement of the team by the TI community;
- accredited, which ensures a defined level of best practices and acceptance of the established TI policies for such teams;
- certified, if they have been accredited before and prove a confirmed level of maturity as defined by the TI SIM framework.
- security experts can participate as TI Associates.
The TI Accreditation and Certification requires regular efforts to maintain the team's status. Therefore the directory of the TI service can be trusted to reflect the actual and accurate snapshot of all such teams.
TI Certification is meant for those accredited teams who have internal and/or external reasons to have their maturity level gauged in an independent way. When the certification succeeds, the team can show this to their constituents, to their funding bodies, to other parties they want to cooperate with. The certified teams are and stay part of the community of accredited teams - the certification can be seen as extra branding providing it's own benefits for such teams.