National Contingency Plan

GOVCERT in the national contingency plan In the event of a serious technical vulnerability or cyber attack affecting the information systems of the private and/or public sector on a large scale, the national contingency plan is activated. Several managing bodies are set in motion to ensure immediate responses and appropriate countermeasures wherever required.

The Crisis Unit (CC, Cellule de crise) initiates and coordinates all actions and ensures that the measures destined to address the situation and its impacts are implemented. The director of the governmental CERT (GOVCERT.LU) is part of the Crisis Unit.

The director of the governmental CERT (GOVCERT.LU) also chairs the Cyber Risk Assessment Unit (CERC, Cellule d’évaluation du risque cyber). Its role is to monitor any critical national cyber-security incident or threat and to continuously keep the Crisis Unit informed.

The Cyber Risk Assessment Unit is made up of experts and offers a strengthened surveillance and vulnerability analysis within the national contingency plan. It identifies potential targets, listed according to the type of attack, and ensures an upgrading and protection of threatened information systems. The unit can implement protective measures where targets have been confirmed and preventive measures where potential targets have been determined. It can also partially or totally isolate a target if deemed necessary,

In the case of a large-scale cyber threat, the general public will be informed about the situation by the government and on the www.infocrise.lu website.