A computer emergency response team (CERT) is an expert group that handles computer security incidents. It is the internet’s official emergency team.

Functions:

  1.  It deals with cyber security threats like hacking and phishing.
  2. It helps to identify and respond to cyber risks and limit their impact on operations.
  3.  It also collaborates with security operations center teams to establish detection rules and coordinate responses.

Nepal, being a developing country, must think for better security system to be deployed with the implementation of Information system for effective and efficient utilization of the resources. The deployment of e-government system and the back-end network infrastructure deployments are slowly progressing. With these perspectives, keeping organizational information assets secure in today's interconnected computing environment is a true challenge that becomes more difficult with each new IT-based product and each new global IT threat. Most organizations realize that there is no single solution or panacea for securing systems and data; instead a multilayer security strategy is required. One of the layers that many organizations require in their strategy today is the creation of and National IT Emergency Readiness/Response Team, generally called an ITERT or Computer Emergency Response Team (CERT). 

The CERT proposed in Nepal by Department of Information Technology, Training, Research and Development Section as ITERT to provide the following 24x7 services:

  1. Publish security alerts
  2. Perform Information security Audits and Assurance
  3. Conduct Cyber Security Awareness and Training
  4. Perform  Analysis and Forensic investigation of cyber incidents
  5. Response to cyber security incidents
  6. Coordination with global and local agencies towards Cyber crime

The Department of Information Technology (DoIT), Training, Research and Development Section have recently formed CERT Committee under the supervision of Director General of DoIT for the design and implementation of Nepalese CERT.

The CERT Committee has formed as follows:

  1. Director General - Department of Information Technology --- Co-Ordinator
  2. Office of Prime Minister and Council of Ministries --- Member
  3. Ministry of Home Affairs --- Member
  4. Ministry of Science and Technology --- Member
  5. Ministry of Law Justice and Parliamentary Affairs --- Member
  6. Nepal Rastra Bank --- Member
  7. Nepal Telecommunication Authority --- Member
  8. Nepal Army --- Member
  9. Nepal Police, Central Investigation Bureau --- Member
  10. Office of Controller of Certification --- Member
  11. IT Officer, Department of Information Technology, T, R&D Section --- Member
  12. Director, Department of Information Technology, T, R&D Section --- Member Secretary

The above CERT Committee are responsible for the addressing the legal mandates in upcoming IT Umbrella ACT of Nepal, and also responsible for identification of IT Infrastructure, Hardware and Software as well as the Security tools for the NPCERT.

CERT related services provided by DoIT in line with NPCERT are:

  1. IT System Audit
  2. Website and Web application Audit
  3. Vulnerability Assessment and Penetration Testing
  4. Cyber Security Awareness and Training
  5. IT System Security specific Training for building the capacity of Team member
  • NP CERT
    NP CERT

    NP CERT

    A computer emergency response team (CERT) is an expert group that handles computer

  • G Cloud
    G Cloud

    G Cloud

    Government Cloud is a government cloud platform which provide free cloud infrastructure facilities to the government bodies. GCloud provides the tools and technologies to abstract the underlying infrastructure in an easy and standardized consumption model

  • E-Attendance
    E-Attendance

    E-Attendance

    E-Attendance is an online attendance system which helps to manage

  • IT Profiling
    IT Profiling

    IT Profiling

    IT Profiling gives information about different applications and software

  • E-Village
    E-Village

    E-Village

    E-Village means access of information technology to the rural level by development, extension and promotion of areas including public services (e-service), education, health, agriculture, tourism, and local development. The main purpose of this program is

  • Digital Content
    Digital Content

    Digital Content

    Digital content is any content that exists in the form of digital data.

  • Mobile Apps
    Mobile Apps

    Mobile Apps

    Mobile Applications

  • GEA
    GEA

    GEA

    To achieve the goals and objectives of the Government of Nepal Concept of the GEA implementation and egovernance rule of international practice it is recommended for the hardware when the GEA Technology, Information Management System Development Director

  • Training
    Training

    Training

    The major objective of the Training, Research and Development Section of Department of Information Technology (DoIT) is to provide training and capacity building programme as well as the cybercrime and cyber security awareness and training within the Gov

  • E-School
    E-School

    E-School

    E-School is a feature-rich collection application