TWCERT/CC

Stakeholders of TWCERT/CC-Online Survey

 

 TWCERT/CC Newsletter Subscriber

& Taiwan CERT/CSIRT Alliance

Service Awareness and Usage Rate


The newsletter subscribers rated "product vulnerability reporting" and "cyber security information sharing" as the highest in satisfaction, averaging 4.47 and 4.4 respectively, with around 90% positive feedback. "Promoting cyber security awareness" ranked the third with an average score of 4.37 and similar positive feedback. Even the lower-rated "report and respond cyber security incidents" service received 4.18 in score and 80% positive feedback.

Alliance members rated "report and respond cyber security incidents" as the highest in score of 4.54, with 100% positive feedback. It is followed by "promoting cyber security awareness", with an average score of 4.52 and 95% positive feedback. "Cyber security information sharing" ranked the third with an average score of 4.42 and 90% positive feedback. Even the lowest rated "malicious file detection service" scored above 4.2 and garnered 80% positive feedback.

Overall, the alliance members rated "cyber security information sharing", "report and respond cyber security incidents", and "promoting cyber security awareness" higher than the newsletter subscribers. On the other hand, satisfaction with "product vulnerability reporting" was slightly higher among the newsletter subscribers.

Created with Highcharts 10.3.2 Cyber security information sharing Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisfi… Very satisfiedVery satisfi… Very unsatisfied 0% Unsatisfied 0.6% Neutral 10.4% Satisfied 37.5% Very satisfied 51.5%
Created with Highcharts 10.3.2 Report and respond cyber security incidents Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisf… Very satisfiedVery satisf… Very unsatisfied 0% Unsatisfied 2.6% Neutral 16.7% Satisfied 40.4% Very satisfied 40.4%
Created with Highcharts 10.3.2 Promoting cyber security awareness Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisfi… Very satisfiedVery satisfi… Very unsatisfied 0% Unsatisfied 1% Neutral 10% Satisfied 39.7% Very satisfied 49.3%
Created with Highcharts 10.3.2 Malicious file detection service Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisfi… Very satisfiedVery satisfi… Very unsatisfied 0% Unsatisfied 4.3% Neutral 5.7% Satisfied 45.7% Very satisfied 44.3%
Created with Highcharts 10.3.2 Product vulnerability reporting(CVE) Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisfi… Very satisfiedVery satisfi… Very unsatisfied 0% Unsatisfied 0% Neutral 12.4% Satisfied 42.6% Very satisfied 45%

The average satisfaction score of the newsletter subscribers on the overall service quality of TWCERT/CC is 4.15, with 79% positive feedback. The overall satisfaction score for technical support is 4.08, with 77.6% positive feedback.

The average satisfaction score of the overall service quality of TWCERT/CC among the alliance members is 4.36, with 90.1% positive feedback. The overall satisfaction score of technical support is 4.22, with 85.7% positive feedback. The score of service quality and the technical support in the alliance members are slightly higher than that in the newsletter subscribers, with 10% and 5% higher satisfaction rate, respectively.

The newsletter subscribers showed over 80% trust in TWCERT/CC, with an average score of 4.1 for both trust and perceived service value, both represents an increase from last year.

The alliance members exhibited even higher trust in TWCERT/CC, with above 90% positive feedback and average scores of 4.51 for trust and 4.46 for service value. This indicates a notable improvement in trust and perceived value among the alliance members compared to the newsletter subscribers, with particularly significant increases in the "Totally agree" category.

Created with Highcharts 10.3.2 Service quality- Subscribers of Newsletter Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisf… Very satisfiedVery satisf… Very unsatisfied 0% Unsatisfied 0.5% Neutral 19.4% Satisfied 44.4% Very satisfied 35.7%
Created with Highcharts 10.3.2 Technical support- Subscribers of Newsletter Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satis… Very satisfiedVery satis… Very unsatisfied 0% Unsatisfied 1.2% Neutral 21.1% Satisfied 45.6% Very satisfied 32.1%
Created with Highcharts 10.3.2 Trust to TWNIC- Subscribers of Newsletter Totally disagree Totally disagree Disagree Disagree Neutral Neutral Agree Agree Totally agreeTotally agr… Totally agreeTotally agr… Totally disagree 2.8% Disagree 0.7% Neutral 12.5% Agree 45.2% Totally agree 38.8%
Created with Highcharts 10.3.2 Value of TWNIC Service- Subscribers of Newsletter Totally disagree Totally disagree Disagree Disagree Neutral Neutral Agree Agree Totally agreeTotally agr… Totally agreeTotally agr… Totally disagree 2.8% Disagree 0.7% Neutral 13.9% Agree 42.3% Totally agree 40.4%
Created with Highcharts 10.3.2 Service quality-Taiwan CERT/CSIRT Alliance Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisfi… Very satisfiedVery satisfi… Very unsatisfied 0% Unsatisfied 0% Neutral 9.5% Satisfied 44.9% Very satisfied 45.6%
Created with Highcharts 10.3.2 Technical support- Taiwan CERT/CSIRT Alliance Very unsatisfiedVery un… Very unsatisfiedVery un… UnsatisfiedUnsatisf… UnsatisfiedUnsatisf… Neutral Neutral Satisfied Satisfied Very satisfiedVery satisf… Very satisfiedVery satisf… Very unsatisfied 0% Unsatisfied 0.7% Neutral 13.6% Satisfied 48.3% Very satisfied 37.4%
Created with Highcharts 10.3.2 Trust to TWNIC-Taiwan CERT/CSIRT Alliance Totally disagree Totally disagree Disagree Disagree Neutral Neutral Agree Agree Totally agree Totally agree Totally disagree 0% Disagree 0% Neutral 4.8% Agree 39.5% Totally agree 55.8%
Created with Highcharts 10.3.2 Value of TWNIC Service- Taiwan CERT/CSIRT Alliance Totally disagree Totally disagree Disagree Disagree Neutral Neutral Agree Agree Totally agree Totally agree Totally disagree 0% Disagree 0% Neutral 7.5% Agree 39.5% Totally agree 53.1%

Expectations and Preferences for Training Courses

For TWCERT/CC's forums and training sessions, 84.9% of newsletter subscribers expressed an expectation for "downloadable conference or course content summaries". Additionally, 66% hope for more "Chinese speakers or instant translation services", while 23.7% wish to see "more cybersecurity information issues" addressed, and 16.1% would like more international speakers. The alliance members share similar expectations to the newsletter subscribers, with a slightly higher demand for downloadable content summaries.

Created with Highcharts 10.3.2 Subscribers of TWCERT/CC Newsletter N=577 TWCERT/CC Member of CERT/CSIRT alliance N=132 Source: Online Survey (2023) Expectations and Preferences for Training Courses 84.9% 84.9% 66% 66% 23.7% 23.7% 16.1% 16.1% 2.4% 2.4% 87.9% 87.9% 65.9% 65.9% 24.2% 24.2% 13.6% 13.6% 0.8% 0.8% Subscribers of TWCERT/CC Newsletters N=577 TWCERT/CC Member of CERT/CSIRT alliance N=132 Downloadable conference or course content summaries Host Chinese speakers or provide instant translation More cyber security information issues, please describe in detail Host more international speakers Others, please describe in detail 0 20 40 60 80 100

Information Service
-Subscribers of
TWCERT/CC Newsletter

For the information released by TWCERT/CC, the overall attention score of newsletter subscribers is 3.7, 19.2% of the respondents always follow the latest news from TWCERT/CC, and 39.3% of the respondents often focus on it, less than 7 % rarely or never concern about the TWCERT/CC" s news.

Created with Highcharts 10.3.2 Information Service -Subscribers of TWCERT/CC Newsletter Never Never Rarely Rarely Sometime Sometime Often Often Always Always Never 0.9% Rarely 5.9% Sometime 34.7% Often 39.3% Always 19.2%

Information Service
-Taiwan CERT/CSIRT Alliance

The overall attention score of alliance members has increased by 0.2, reaching 4.07, and most of them are always concerned and often concerned (75.8% in total).

Created with Highcharts 10.3.2 Information Service -Taiwan CERT/CSIRT Alliance Never Never Rarely Rarely Sometime Sometime Often Often Always Always Never 0% Rarely 0% Sometime 24.2% Often 44.7% Always 31.1%

Newsletter subscribers want to learn more about cyber security issues, with the highest proportion of "security threats and protection trends" (88%). "Incident response process and practices" accounted for 71.4%, and about 60% of the respondents needed to introduce "latest cyber security standards" and "security topics on innovative tech (such as 5G, Vehicle, AI, etc.)".
For the alliance member, there is also a significant increase in the content of "security threats and protection trends" (97.7%), followed by "incident response process and practices" with 81.8%.

Created with Highcharts 10.3.2 Subscribers of TWCERT/CC Newsletter N=577 TWCERT/CC Member of CERT/CSIRT alliance N=132 88% 88% 71.4% 71.4% 61.4% 61.4% 56.2% 56.2% 34% 34% 1.2% 1.2% 97.7% 97.7% 81.8% 81.8% 75% 75% 50% 50% 40.9% 40.9% 0.8% 0.8% Subscribers of TWCERT/CC Newsletter N=577 TWCERT/CC Member of CERT/CSIRT alliance N=132 Security threats and protection trends Incident response process and practices Latest security standards Security topics on innovative tech such as 5G, in-vehicle computers, AI etc. OT/ICS security Others 0 20 40 60 80 100 120

The newsletter subscribers indicated that they usually obtain information about cyber security through "newsletter" (66.6%) and "official website" (61.7%), and 53% through "seminars or courses".
For the alliance members, "the official website" is the first choice (76.5%) to follow the information from TWCERT/CC. Then would be 72% of newsletters and 68.9% of seminars or courses.

Created with Highcharts 10.3.2 Subscribers of TWCERT/CC Newsletter N=577 Taiwan CERT/CSIRT Alliance N=132 Source: Online Survey (2023) 66.6% 66.6% 61.7% 61.7% 53% 53% 46.6% 46.6% 46.1% 46.1% 33.8% 33.8% 33.3% 33.3% 30.7% 30.7% 29.6% 29.6% 25.1% 25.1% 14% 14% 2.3% 2.3% 72% 72% 76.5% 76.5% 68.9% 68.9% 53% 53% 49.2% 49.2% 36.4% 36.4% 23.5% 23.5% 25% 25% 28% 28% 18.9% 18.9% 9.8% 9.8% 2.3% 2.3% Subscribers of TWCERT/CC Newsletter N=577 Taiwan CERT/CSIRT Alliance N=132 Newsletters Official Websites Seminars or Courses News Websites Search Engines Newspappers/magazines Social media sites Family, friends, or coworkers Online forums Online video platforms Blogs Other 0 10 20 30 40 50 60 70 80 90

Expectations and Recommendations

 

Most of the newsletter subscribers and the alliance members hope that TWCERT/CC could offer more cybersecurity case studies sharing and educational training. This includes expanding influence through online courses, as well as hands-on drills and onsite advocacy, to help businesses better understand cyber attacks, their impact, and response strategies. They also emphasize the optimization of existing services, expressing an expectation for TWCERT/CC to continually enhance various services, making interfaces more user-friendly and efficient, and improving the speed of reporting and information updates.

 

 
     Expected Content in the Future Newsletter Subscribers Taiwan CERT/CSIRT Alliance Members
none 430 118
Increase cyber security case information sharing, education and training 55 13
Service items 27 7
Positive encouragement 27 6
Publicity Exposure Promotion/Industry Cooperation 13 2
More information and content 5 0
Services for SMEs 4 0
Communication Channel/Notification Mechanism 4 0
Others 12 1
Source: Online Survey (2023)

Taiwan CERT/CSIRT Alliance - In depth Interview

Assisting in grasping diverse cybersecurity threats, expanding the scope of intelligence

Stakeholders have expressed positive feedback on the TWCERT/CC's service quality such as cybersecurity notifications. They believe that since major enterprises already have the ability to search for the public cybersecurity information autonomously, CERT/CC could share more about de-identified attack methods, in addition to indicators of compromise (IOC). By doing so, enterprises could be assisted in developing specific defensive strategies through cooperative information sharing. Furthermore, stakeholders suggest that, if feasible, they could collect leaked intelligence from the dark web, provide critical information to private enterprises in advance, thereby bolster the joint cybersecurity defense.

They share threat intelligence with enterprises. Generally speaking, I think the information they provide is relatively up-to-date, …The intelligence they provide, such as indicators of compromise (IOC), is very clear, which is pretty good.

We are more concerned about the attack method. …Since these are real cases of victimized enterprises, there should be a way to share the attack method after de-identification, …or perform some analysis or explanation about some active advanced persistent threat (APT) groups to inform Taiwanese enterprises about the key focus areas and directions to pay attention to.

Consolidating cybersecurity systems, continuously upgrading automated systems

Regarding the cybersecurity incidents reporting and threat intelligence sharing, stakeholders expect CERT/CC to establish more automated systems, on top of the existing services, bolstering communication efficiency and is a more economically scalable approach.

The attacks can occur at night, so sometimes you may find 40 to 50, or even 80 reports when you get into the office, which is not very efficient if they all need to be dealt with manually. That's why the API was proposed, to screen the reports received, organize them, and communicate about that directly through the system.

Nowadays, threat intelligence is sent via email, it can be automated, right? Otherwise, I have to download the file, extract the Excel file or article manually, then find the URL and IP, and finally write a program to copy the information, every time. I hope to automate all these processes and the API could detect and process them in real-time.

Information sharing through workshop, long-term cultivating of cybersecurity talents

Stakeholders are aware of the shortage of cybersecurity professionals in the industry and hope that TWCERT/CC can continuously cultivate cybersecurity talent through workshops and courses. As long as the sessions are led by experts, enterprises are willing to pay for participating. Stakeholders specifically mention the importance of balanced development between south and north Taiwan, suggesting more workshops and managing the cybersecurity center in the south.

Ask private enterprises to briefly explain the risks and problems they encounter, the attacks they have already witnessed, how the intrusions take place, using what methods, and their corresponding processes.

I hope that those workshops can be held both in southern and northern Taiwan. …There should be a balanced development between the north and the south. Some workshops are not suitable online, so I think a cybersecurity center is needed in the south to accommodate those in central and southern Taiwan.

I think that TWCERT or the Ministry of Digital Affairs have been conducting talent cultivation courses in recent years, offering some intermediate and advanced courses in both northern, central, and southern Taiwan. I think this is a good approach. The next step is to make sure that these courses can be made continuous and recurring to maintain their impact.