Under the strategy, the government will set up a university course in the field of information security aimed at mitigating the risk of having a lack of experts in information security, which would impede the development of the country's security’s ecosystem.

There are plans to offer aid for specific training in the field of information security. Such aid will be associated with the lifelong training of experts, so as to encourage them to attend, for example, conferences and other relevant events.

The development of specialised training aimed at multidisciplinary teams will be considered with a view to addressing the shortage of experts in the security field, while taking into account the interconnectivity of tools.

Appointments will be given to people in charge of information security within each state entity. A training plan for these people will be set up  and exchange platforms for these experts created.

In the private sector, leaders will be encouraged to provide information security managers with resources to implement effective protection measures. Efforts will be made to improve communication and collaboration between teams in charge of different missions: information security, compliance, management, customer management, etc.

In October 2017, SECURITYMADEIN.LU launched the Cybersecurity Competence Center (C3) to further strengthen the Luxembourg economy in the field of cybersecurity. Its Mission is to:

• Offer G-to-B-to-B services together with partners
•  Foster long-term wealth and competence building
•  Increase Luxembourg’s attractiveness and reputation in cybersecurity

Its three competence areas are: Observe, train, test. Its service catalogue includes:

• CASES.lu: Be Aware, Cybersecurity for Everyone.
• CASES.lu: MONARCH - Optimised risk analysis method. 
• CIRCL.lu: MISP Training, Threat Intelligence Analyst and Administrators.

Start-ups offering innovative solutions are among the needs identified within the Luxembourg digital security ecosystem. This need will be taken into account when defining priorities in the field of research, by promoting the creation of Start-ups.

University of Luxembourg/Luxembourg Institute of Science and Technology (LIST) – Master in Information System Security Management. Student Intake: 15. European Credit Transfer System (ECTS): 60. Focus: System security, network security, component security, SW security with some forensics.

Individual coaching and courses are taught in small groups, internationally renowned professors, multidisciplinary approach promoting knowledge sharing and exchange of experiences, Participation in the Information Security Education Day (ISED), Programme supported by two professional associations: CLUSIL and CPSI. Programming, networking, operating systems, databases etc, before spending two years specialising in a variety of cybersecurity topics including network security analytics, secure programming, pen testing, computer/network forensics, business continuity.

Five public and private players (Ministry of Economy, SECURITYMADEIN.LU, Luxinnovation, Excellium and PwC Luxembourg) are gathered to create the Cybersecurity Week Luxembourg in the framework of the European Cybersecurity Month (ECSM), an annual advocacy campaign organised by the European Union Agency for Network and Information Security (ENISA) and the European Commission to promote cybersecurity internationally.

The event helps develop cybersecurity initiatives led by public and private sector players, as well as encourage the development of a cybersecurity start-up ecosystem encompassing innovative firms from both Luxembourg and abroad, investors, and individuals with skills in the field.

The CYBERWISER.eu CyPR is all about boosting opportunities in the cybersecurity marketplace. 

This European Cybersecurity Professional Register is the place where professionals, juniors or seniors, age can promote their specific skill sets and experiences in cybersecurity, courses taken and qualifications.

Organisations of any size or sector from SMEs to large companies and public institutions can find and contact the right skills and experiences they need to improve their IT security posture.

January 2021. 

The information contained here is based on desk research carried out by CYBERWISER.eu, including the ENISA interactive maps on national strategies and educational courses. 

ANSSI, the national agency for the security of information systems, defines policies and guidelines for the security of classified and unclassified information, ensures that norms and standards are established, that the measures regarding the security of information systems are implemented and that the application is guaranteed, and also certifies the means of processing of unclassified information (digital systems, services, infrastructures).

Since 2015, ANSSI acts a nation Computer Emergency Response Team (CERT) and ensures the hosting of the government's CERT - GOVCERT.LU, and serves as the line of command for all active players in the field of cybersecurity in relation to the public sector and critical infrastructure. Its mission therefore also includes co-operation with all suitable private sector stakeholders, if necessary, by means of formalised co-operation agreement

GOVCERT.LU - government and critical infrastructures. It oversees the management of cyber-security incidents compromising Luxembourg, its citizens or its economy and is responsible for receiving, reviewing and responding to reports of such. NCERT.LU (National CERT) acts as the official national point of contact for national and international governmental CERTs.

GOVCERT.LU

• Email completed Incident Reporting Form (FRM 702 docx txt) to soc@govcert.etat.lu
• Using the Online form (www.govcert.lu/online_form) - Incidents reported using this form are encrypted prior to transmission thus enabling anonymous reporting.
• Using the online file encrypt to securely encrypt files on your computer prior to reporting them to us without the need to install aditional software. The resulting files will only be readable by GOVCERT.LU

Whenever possible, constituents should use the incident reporting form (FRM 702 docx txt). Non-constituents, however, should use the online form or contact our SOC directly by email.

CIRCL.LU

• Team Email: info@cirl.lu
• Telephone: +352 247 88444
• Reporting form: www.circl.lu/contactform/

RESTENA-CSIRT

• Team Email: csirt@restena.lu
• Reporting form: www.restena.lu/csirt/Pdfs/CSIRTReportingForm.txt

Healthnet CSIRT - Private users

• Telephone Helpline BeeSecure: 8002 1234 (Monday-Friday: 09:00-17:00)
• Use this link to report security breaches or images of youself or your home: Healthnet CSIRT (securitymadein.lu/about-us/helpline/)

Healthnet CSIRT - Businesses

•  Team Email: help@cases.lu

Healthnet CSIRT - IT Community

• Team Email: info@circl.lu
• Reporting Form: http://circl.lu/contactform/

January 2021. 

The information contained here is the result of desk research carried out by CYBERWISER.eu.