What is a CSIRT? A CSIRT (Computer Security Incident Response Team) is a team specialising in managing IT security incidents. Its main function is to detect, analyse and respond to cybersecurity incidents in order to minimise their impact and improve digital resilience.

What is a security incident? A security incident is any event that compromises the integrity, confidentiality or availability of an organisation's data or systems. It can be caused by malicious activities, such as malware attacks, or by human error, such as unauthorised access.

What services can a CSIRT provide? A CSIRT can offer a variety of services, including:

• Incident detection and analysis: Monitoring and analysis of security events.
• Incident response: Coordination and execution of actions to mitigate the impact of incidents.
• Prevention: Implementation of measures to prevent future incidents.
• Education and awareness: Training and dissemination of good security practices.

How can I report an incident? To report a security incident, you should generally follow these steps:

• Disconnect the affected device from the network to prevent the incident from spreading.
• Inform your organisation's IT team or CSIRT by filling in the form on the website.
• Provide details about the incident, such as the type of threat and the systems affected.  

Who can help me if I have a cybersecurity incident? If you have a cybersecurity incident, you can seek help from:

• Your organisation's CSIRT.
• Companies specialising in cybersecurity.
• Competent authorities, such as cybercrime units.

What is malware? Malware is malicious software designed to damage, exploit or gain unauthorised access to computer systems. It includes viruses, worms, Trojans, ransomware, spyware and other types of software.

What should I do if I have ransomware? If you are a victim of ransomware, follow these steps:

• Stay calm and assess the situation.
• Disconnect the device from the network to prevent further spread.
• Do not pay the ransom, as it does not guarantee the recovery of your data.
• Report the incident to the authorities and seek help from cybersecurity experts.
• Check if you have backups and use decryption tools if available.