National Cyber Incident Classification Handbook

This handbook is intended to guide participating States of the Organization for Security and Cooperation in Europe (OSCE) and other interested parties in developing and implementing a national cyber incident classification system.

After an introduction and context-setting section explaining the benefits and challenges of cyber incident classification, the handbook divides the process of setting up a national system into six steps:

Step 1: Set the goals.

Step 2: Engage stakeholders.

Step 3: Establish reporting pathways.

Step 4: Build on existing structures.

Step 5: Implement the system.

Step 6: Refine the system.

To illustrate the principles outlined in this handbook, we use the examples of two fictitious states representing different approaches to cyber incident classification. While these examples are fictitious, the description of their approaches is informed by observations of existing cyber incident classification practices.