- API SITNA en la oferta de soluciones de software libre del Centro de Transferencia de Tecnología
- New version of THUS (v2.2.0)
- Change in high procedures of users in cl@ve
- The service ACCESSES in the cloud, @asLAN Award in the category of Digital Services Shared
- Procedure for the accession to the convention centre of printing AEAT since Notifies
- You are in:
- Start >
- CTT - solutions >
- LUCIA (coordination Unified List of incidents and threats) >
Consolidated List for the Coordination of Incidents and Threats (LUCIA)
- Short Name:
- The Consolidated List for the Coordination of Incidents and Threats (LUCIA) is a tool developed by the National Computer Emergency Response Team at the National Cryptology Centre (CCN-CERT) for the management of cyber-incidents in the bodies/units in which the National Security Scheme (ENS) is applied. It is aimed at improving coordination between CERT and the organisations or bodies it works with. It is based on the Request Tracker (RT) and Request Tracker for Incident Response (RT-IR) systems (the latter used in incident response equipment), having been customised to meet CCN-CERT requirements and procedures and to comply with ENS.
- Target audience:
- Business, Any Public Administration
- Network service insertable in customers applications, Installable product
- Type of Solution:
- Application, Infrastructure or common service
- Status of the Solution:
- Organic area:
- Technical area:
- Management of services and systems , Communications infrastructure and messenger , Horizontal services for the AA.PP
- Functional area:
- Government and public sector, Health
- GPL (GNU General Public License)
- Interoperability level:
The Consolidated List for the Coordination of Incidents and Threats (LUCIA) is a tool for the management of cyber-incidents in the bodies/units in which the National Security Scheme (ENS) is applied. It is aimed at improving coordination between the National Computer Emergency Response Team (CERT) and the organisations or bodies it works with.
LUCIA features a common language for the classification of incidents in terms of danger, and for incident traceability and follow-up. Besides, it allows for task automation and integration into already implemented systems.
LUCIA enables the management of three types of cyber-incidents:
• Incidents within the organisation/body itself.
• Incidents from the Early-Warning System of the SARA network (SAT-SARA).
• Incidents from the Early-Warning System of the Internet (SAT-INET).
• Incident management tool in the absence of other tools or in case a special tool is required for this purpose.
• Compliance with ENS standards and CCN-STIC-817 guideline for incident management within the ENS.
• Common language for incident classification in terms of danger in accordance with CCN-STIC-403 and CCN-STIC-817 guidelines, based on a two-level system approved by international organisations.
• Improved coordination with the CERT at the National Cryptology Centre (CCN) (CCN-CERT) and other organisations using its services through security incident integration with CCN-CERT.
• Improved exchange of information about security incidents.
• Incident traceability and follow-up.
• More effective management processes.
• Task automation and integration into other systems.
• Classification of incident closure and causes.
• Knowledge databases.
• Better management of SAT-SARA and SAT-INET projects