• TESPOK-iCSIRT

  •  iCSIRT is the Industry Computer Security and Incident Response Team (iCSIRT) for TESPOK.  We work closely with the Information Security community to detect, report and investigate incidents that pose a threat to the security of our members’ information systems. We also investigate other forms of network abuse such as spam, phishing, host compromises, denial-of-service attacks and host vulnerabilities.  Information security threats are not limited to particular networks or national boundaries, and we work with other CSIRTs across the world to manage and resolve incidents. We have built strong relationships with other security researchers and sources of security reports to ensure we provide you with a fast and effective response.
    • Mission Statement

    • Our mission is to safeguard the current and future network security of TESPOK and of our peering members, enabling a secure environment for online activities. Our primary function is to monitor and resolve any security incidents that occur on the TESPOK member network, with specialists tracking a range of platforms, including Unix, Linux and Windows.
    • Constituency

    • Services are offered to peering member ISPs as the official constituency, with shared authority, through their respective Security Points of Contact. Due to the geographical scope of incidents, we assist other organizations and agencies in their investigations, connecting them to our trusted security points of contacts within the community.
    • Policies and Procedures

    • The iCSIRT offers the below services using security policies and procedures put in place for the Kenya Internet Exchange Point, relevant security policies from the peering ISPs and industry-wide Information Security best practices. The main form of incident reporting is by email to icsirt(at)tespok.co.ke. The level of support and collaboration with other external CSIRTs depends on type and criticality of incident reported by constituencies. Collaboration with other 3rd parties such as subject matter experts or law enforcement depends on the type of incident reported and its complexity.
    • Services

      • We identify, analyze, correlate and investigate cyber threats to prevent future attacks. Enterprises and institutions can report an incident by sending an email to icsirt(at)tespok.co.ke or call for assistance in the event of a computer security incident.

      • We track and monitor high severity malicious activity targeting respective local enterprises and institutions. The main output of this service is the generation of weekly, monthly, quarterly and annual statistics to member ISPs and to the general public.

      • We provide up to date data and statistics on vulnerabilities relevant to the Kenyan cyberspace as well as providing comprehensive tailor made report updates to vulnerable enterprises. TESPOK-iCSIRT is in a position to guide best practices and industry standards by analyzing emerging system or application vulnerabilities, and generating reports to peering ISPs. This is a proactive service aimed at preventing exploit of vulnerabilities in the ISP systems.

      • We offer information security awareness training to ensure Kenyan Internet users and organizations are equipped with knowledge and approaches to detect and prevent cyber threats. Through organized events, trainings and workshops, the TESPOK-iCSIRT develops cyber security material to create awareness for professionals within the ISP community.