CERT LV

The organisation operates as Latvia’s national computer emergency response team, commonly known as CERT‑LV. Its core function is to detect, analyse, and respond to cybersecurity incidents affecting government institutions, critical infrastructure, private enterprises and individual users within the country. It maintains a 24/7 security operations centre that receives incident reports via web portal, email and phone, triages them and initiates appropriate containment or eradication actions. Beyond immediate response, the team produces technical advisories and indicators of compromise that are distributed to affected parties and to the broader Latvian cybersecurity community. The organisation also conducts vulnerability assessments on request, offers guidance on secure system configuration and runs regular awareness campaigns aimed at improving cyber hygiene among citizens and businesses. It provides a point of contact for coordination with internet service providers, hosting companies and other operators that may be involved in the propagation of malicious traffic. All services are offered free of charge to entities operating in Latvia, regardless of sector or size. The team’s activities are guided by national legislation that designates it as the authority responsible for handling cybersecurity incidents at the national level.

As the designated national CERT, the organisation holds a recognised regulatory role within Latvia’s cybersecurity framework, acting as the official point of contact for the European Union’s CSIRT network and for international partners such as NATO’s CCDCOE. This positioning gives it a distinctive authority to issue binding recommendations and to coordinate cross‑border incident handling when Latvian assets are involved. Notable competencies include malware reverse‑engineering, threat‑intelligence production and forensic analysis, supported by dedicated facilities and a team of certified analysts. The organisation contributes to the development of national cybersecurity strategy by providing expert input to government ministries and by participating in the drafting of legal acts related to information security. It regularly organises training sessions, workshops and tabletop exercises for public‑sector officials, private‑sector security teams and academic institutions, aiming to raise the overall level of preparedness. Annual activity reports are published, summarising incident trends, response metrics and outreach efforts, thereby offering transparency to stakeholders. Through these functions the organisation has become a trusted reference point for both public and private entities seeking reliable cybersecurity information and assistance. Its continuous engagement with regional and global CSIRT communities ensures that Latvia remains integrated into the broader effort to detect, mitigate and learn from cyber threats.