This policy brief examines how the design and functioning of national computer security incident response teams (CSIRTs) shape their ability to cooperate domestically and internationally.
Drawing on desk research and interviews with national CSIRTs and international and regional networks, the brief analyses how domestic institutional arrangements shape CSIRTs’ capacity to engage in effective information exchange and collaboration at the bilateral, regional and global levels.
The brief identifies key challenges and highlights good practices to enhance information exchange and coordination, as well as offering practical recommendations to support States in strengthening national CSIRTs and advancing responsible State behaviour in cyberspace.