Policies

Types of Incidents and Level of Support

PNGCERT is authorized to address all types of computer security incidents which occur, or threaten to occur, in the PNG cyber-space. Incidents will be prioritized according to their apparent severity and extent.

PNGCERT is committed to keeping its constituency informed of potential vulnerabilities, and where possible, advice remedial or mitigating options.

PNGCERT is not mandated to enforce the Cybercrime Code Act 2016 but will work closely with law enforcement agencies.

Co-operation, Interaction and Disclosure of Information

ALL incoming information related to incidents is handled confidentially by PNGCERT, regardless of its priority. Any information or documentation to be disclosed must have a TLP designation

Communication and Authentication

Usage of PGP or other pre-­approved crypto graphical means, in all cases where sensitive information is involved is highly recommended.