CERT SECURITY ESSENTIALS 2023

“Building Cyber Champions: Stronger Nation through Cyber Awareness and Action”

Event Briefer
Table of Contents
I. BACKGROUND 3
A. Rationale 3
B. Objectives 3
C. Target Venue and Participants 4
D. Timeline of Events 4
E. How to join 5

II. EVENT INFORMATION 6

A. Requirements 6
B. Methodology 6
a. CERT Security Essentials Course Outline 6

III. DRILL EVALUATION AND FEEDBACK 7

IV. FREQUENTLY ASKED QUESTIONS 7

I. BACKGROUND
A. Rationale
As stated under Section of the 2016 Implementing Rules and Regulations (IRR) of the
Department of Information and Communications Technology Act of 2015 (RA 1084), the
department is mandated “to facilitate international cooperation on intelligence,
investigations, training and capacity building related to cybercrime prevention,
suppression, and prosecution.”

2
 DICT recognizes that the issue of protecting sensitive data is challenging for certain
agencies and for each independent individual, especially if there is a limitation in
cybersecurity knowledge. Therefore, DICT aims to achieve a more informed general
public so everyone can contribute to the country's fight against threats in the digital
space.

One of the major activities of the DICT-CERT-PH for CY 2023 is the conduct of CERT
Security Essential Training. This is a comprehensive cybersecurity activity that
focuses on providing participants with a deep understanding of the technical aspects of
cybersecurity and CERT operations. The operational component will focus on the
technical procedures and practices of Computer Emergency Response Team (CERT)
operations. Further, the activity is designed to provide attendees with the knowledge and
skills needed to protect their organizations from cyber threats and to effectively respond
to cyber incidents.

B. Objectives
Anchored on this year’s theme “Building Cyber Champions: Stronger Nation through
Cyber Awareness and Action”, this activity is a continuous commitment of the DICT to
robust the country’s capacity to respond to any cyber-attacks. This is intended for IT
professionals, security practitioners, and anyone who is interested in learning
cybersecurity and CERT Operations especially those who has policy and management
backgrounds

CERT Security Essentials aims to provide the participants with the knowledge and skills
needed to protect their organizations from cyber threats and to effectively respond to
cyber incidents. In addition, this will enhance the confidence and capacitate potential
‘trainers’ who will eventually re-echo, relay and provide technical assistance to their
respective stakeholders under their jurisdiction through the application of learning they
will be acquiring from this training.

Lastly, the activity is also expected to empower individuals with the knowledge and skills
necessary to protect their personal and professional digital assets, and to contribute to
the overall security and resilience of the country.

C. Target Venue and Participants

● The CERT Security Essentials Training is a nationwide activity to be carried out in
all regions. For region ___, the activity will be conducted at ___________________,
on ___________________.

● The competition is open to all IT professionals, security practitioners, and anyone

who is interested in learning about cybersecurity and CERT Operations, especially
those who have policy and management backgrounds.

D. Timeline of Events

3
 CERT SECURITY ESSENTIALS SCHEDULE OF ACTIVITIES
REGION DATE LOCATION

XII August 31 General Santos City

PROPOSED PROGRAM AND BREAKDOWN OF PARTICIPANTS

DAY 0 Arrival

Registration, Invocation and Participants

CERT SECURITY National Anthem ● 3 CERT-PH
ESSENTIAL Personnel
TRAINING Opening Remarks ● 7 Regional office
Personnel
(8AM-5PM) ● 40 Participants
Discussion of Training Timeline
Total 50
Training Proper

Table Top Exercises

Homebound/Departure

E. How to join
Screening/ Selection Process
a. The concerned region is expected to facilitate the call for participants which includes
publication of events and direct coordination with the organizations for sending the
letter of invitation and endorsement of the list of interested applicants.

b. Depending on the type of training they preferred, regions can endorse as many
interested applicants as possible. However, to narrow down the large pool of
participants to a smaller group based on the approved number of pax (40), a pre-
assessment exam will be conducted by the DICT regional office upon registration.
Only those who will pass or meet the minimum required score will be qualified to join
the training.

II. EVENT INFORMATION

4
 A. Requirements
Mechanics/ Decorum
a. Register for the activity in advance, if possible.
b. Arrive on time or earlier to allow more time for any necessary preparations.
c. Engage actively with the seminar, including asking questions and taking notes.
d. Show respect for the organizers, speakers, and fellow attendees by following any
rules or guidelines, being attentive and courteous, and refraining from disruptive
behavior.

Activity Requirements
a. Each participant is required to bring their own devices (e.g. laptop, tablet or
cellphone)
b. Gadgets should be able to connect to the internet to allow participants to answer pre-
assessment and post-assessment activities

B. Methodology
Participants will engage with various technical aspects of cybersecurity and CERT
operations. The operational component of the seminar will focus on the technical
procedures and practices of Computer Emergency Response Team (CERT) operations.
Depending on their preferred module, the seminar is designed to provide attendees with
the knowledge and skills needed to protect their organizations from cyber threats and to
effectively respond to cyber incidents. Participants will perform different table top
exercises relevant to their chosen activity module below:

CERT Essentials Training of Trainers Course Outline:

Module 1: CERT AND INCIDENT RESPONSE

● Setting Up CERT
● Incident Response Lifecycle

Module 2: COLLABORATIVE CERT OPERATIONS IN HANDLING CYBERSECURITY

● Frontline services (Incident response, VAPT, Threat Monitoring)
● Incident reporting, coordination, and escalation processes
● Cyber Threats Information Sharing
● Common cyber attacks
● Introduction to CERT-PH Cyber Drill
● Introduction to the establishment of CIIs Point-of-Contacts

Module 3: THREATS AND SCENARIO-BASED TRAINING, AND CERT

OPERATION TABLETOP
● In-depth Common threats presentation

5
 ● Tabletop exercises
● Cybersecurity Playbooks

*Important Notes
● Participants are expected to complete the exercises. This will require them to
exercise various skills necessary when responding to and investigating a cyber
incident.
● All instructions and guidelines shall come from the Rules of Engagement to be
provided beforehand and discussed by the CERT-PH during the preliminary
program.

III. DRILL EVALUATION AND FEEDBACK

● All participants are expected to fill out the CERT-PH Feedback Form that will be
used to improve future cyber drills.
● The form will be sent out during the event.
● Only those participants who have filled out the attendance and feedback forms will
receive a certificate of completion/ participation for the event.

IV. FREQUENTLY ASKED QUESTIONS (FAQs)

Q1. Who should attend the event?
● CERT Security Essentials will vary from the type of course choses by the region,
preferably IT practitioners and professionals from national government agencies.

Q2. Do we need a team to accomplish the activity?

● The whole activity will require teamwork.

Q3. Who can we contact if problems and issues are encountered during the event?
● There will be CERT-PH technical personnel available to assist if any problems or issues
arise all throughout the drill.

Q4. Can we allow non-registered participants to join the event?

● No, we will not accommodate additional participants past the registration deadline as this
may disrupt the event flow. Participants are required to attend the preliminary as
necessary technical details about the conduct of the actual drill will be discussed by the
facilitators.

Q5. How are we going to submit our application requirements?

6
 ● Interested participants may submit their Curriculum Vitae together with their Letter of
intent to the DICT Regional Office _____, with email address ____________ and contact
details _________

Q6. What are the expenses to be incurred during the event?

● Travel expenses of the participants to and from the venue and vice versa, shall be at their
own expense.
● Meals during the event (AM and PM snacks and lunch) will be provided including
registration kits, giveaways etc. Only participants are covered in the budget.