Security and Incident Response teams manage the handling of information security incidents within their organisation or network. Their tasks range broadly from prevention and awareness raising, through incident detection, to the actual tracking and resolving of incidents and drawing lessons from them. The TrustBroker Africa, a.k.a. TBA, was developed in 2020 to address common needs and build a service infrastructure providing vital support for all security and incident response teams from Africa. The processes to join the TBA community are aligned with those of the TI Service for Europe to provide a compatible approach and common understanding for both the African and European communities.
To safeguard the trusted environment, a comprehensive set of processes has been adopted, outlining what it takes to participate and maintain a team's status within the TBA community. This requires a long-term commitment from the participating teams and individuals, and the TBA processes emphasize the need for continuous improvement and maintenance as regular tasks.
The TBA service differentiates between three categories:
- listed, which provides basic information about the team itself as well as shows endorsement of the team by the TBA community;
- accredited, which ensures a defined level of best practices and acceptance of the established TBA policies for such teams;
- security experts can participate as TBA Associates.
The TBA Accreditation requires regular efforts to maintain the team's status. Such efforts are also expected from TBA listed teams. To ensure a high level of trust within the TBA community, listed teams that have not become accredited within three years are required to demonstrate the continuous support of the listing by the TBA community. This is called "re-listing". Therefore, the directory of the TBA service can be trusted to reflect a current and accurate snapshot of all teams shown, regardless of their status.
Although many years have passed since the first team was created back in 1988 at Carnegie Mellon University / SEI (Pittsburgh, PA, USA), only very few standards apply to these processes. To provide a consistent overview for anyone interested, the different de-facto standards are explained here.