Who We Are

SzCIRT is the Computer Incident Response Team (CIRT) for Eswatini and acts as a focal point in coordinating cybersecurity incidents for the Government Departments, Internet Service Providers, and other relevant entities within the country.  SzCIRT   monitors incidents, provides early warnings, disseminates information and enforces cybersecurity standards and minimum specifications for Eswatini.

Mission

To provide information and assistance to the constituents of Eswatini in implementing proactive measure to reduce the risks of information security incidents as well as responding to such incidents as and when they occur.

Vision

To provide information and assistance to the constituents of Eswatini in implementing proactive measure to reduce the risks of information security incidents as well as responding to such incidents as and when they occur.

Mandate

The SzCIRT shall:

  • establish and maintain trust with its stakeholders, including national and international entities that are involved in management of cyber security incidents;
  • maintain a trusted National focal Point of Contact (PoC) within and beyond the national boarders that responds to cyber security incidents;
  • develop, maintain, adopt, communicate and enforce cyber security standards, minimum security specifications and security requirement to its stakeholders;
  • enforce telecommunications providers to take corrective action to support incident response
  • define and communicate SzCIRT services to its stakeholders;
  • devise, define and develop communication approach and mechanisms to be used to share and disseminate information to service providers, stakeholders and enable them to share any such information;
  • develop and deliver a set of crucial reactive and proactive services to the stakeholders;
  • forecast and broadcast alerts on cyber security incidents;
  • issue guidelines, advisory and vulnerability notes relating to information on security practices, procedures, prevention, response and reporting of cyber threats;
  • coordinate the response of cyber security incidents at national level, and collaborate with other relevant organizations in response to such incidents;
  • raise awareness and enhance technical capacity in the area of cyber security;
  • escalate the security and other related incidences to national security and law enforcement agencies for further action, including prosecution;
  • perform on demand and scheduled security assessment to critical ICT infrastructure and critical services in order to assess their vulnerabilities to cyber security threats;
  • provide second opinion for the forensic investigation requested by law enforcement agencies;
  • carry out such other functions related to cybercrimes as may be prescribed by the National Cybersecurity Agency and the Commission;
  • handle and monitor cybersecurity incidents;
  • strengthen stakeholder’s defence capability against existing cyber security threats by monitoring and blocking cyber-attacks.
  • proactively provide early warning on eminent cybersecurity incidents;
  • participate on development and implementation of Cyber Security incident simulation scenarios and programs;
  • encourage and facilitate the establishment of sector SZCIRTs.