Security Alert Monitoring and Early Warning
Monitor security vulnerability and development of viruses & worms. When necessary, we issue alerts to warn the public to mitigate the impact of these threats.
Incident Report and Response
Provide free 24-hour hotline services for incident reporting and give advice on incident response and recovery. All the reported incidents will be kept confidential. For cross-border incidents, we can seek assistance from overseas CERT teams.
Publication of Security Guidelines and Information
Publish security alerts, security guidelines, infosec express and news on our website. We also publish monthly security newsletter to subscribers. The information is provided in both English and Chinese.
Promotion of Information Security Awareness
Organize free seminars and briefings to promote information security awareness among the general public.
HKCERT is always in a prepared mode to respond quickly and efficiently to incidents reported to us, and to disseminate security alerts to the public in a timely and professional way through the appropriate channels. Our performance indicators and targets are:
- To answer ALL incident calls, and to provide first response for 90% of all reported cases within one working day. For cases that do not require third party actions, our target is to ensure 80% of such cases will be resolved and the lead time to resolve will be within 30 working days. For cases that require third party actions, our target is that for cases that can be referred to a third party, 90% of these cases would be submitted to the parties concerned within one working day. For cases that require third party actions and can be tracked directly (including those in the categories of phishing, malware hosting, malicious content redirect and defacement), our target is to ensure 60% of these cases are resolved and the lead time to resolve will be within 30 working days.
- To collect security-related information from security organizations, make judgments on the impact to Hong Kong, and decide whether to disseminate the information. For information that requires to be disseminated, our target is to ensure 80% of such information will be sent to our subscribers before 11am that day.
- To organize seminars, publish guidelines and checklists. In this year, there will be one full-day and one half-day seminars.
HKCERT is committed to maintain a good co-ordination network with related parties, including the Office of the Government Chief Information Officer (OGCIO) of the HKSAR government, the Hong Kong Police Force, Internet Service Providers, Domain Name Registries in Hong Kong, Overseas Computer Emergency Response Teams and other information security vendors to ensure our response work will be carried out effectively.