Computer Emergency Readiness Team (WA-CERT)

This team brings advanced analysis expertise for the mitigation of security incidents.  The WA-CERT performs and facilitates incident handling for response to a cybersecurity incident within an agency or across agencies.  This response effort utilizes both internal OCS certified incident handlers as well as state agency resources regularly trained and certified by OCS staff.  The combination of these assets provides agility and burst capability for the team.  

The WA-CERT performs all aspects of incident response, to include:  scope detection, log analysis, forensic attribution, and incident handling duties for cybersecurity incidents through recovery.  When not performing incident response, proactive security/risk assessments are performed to assist agencies, boards, and commissions in making informed decisions regarding their security posture and resources.

Key Functions:

  • Incident Validation
  • Response
  • Forensics
  • Advisories
  • Recovery
  • Risk Assessment