On 17 January 2023, the General Directorate of Information Systems Security (DGSSI) issued the Cybersecurity Incident Management Framework (Version 1.1), aligned with ISO 27035. The framework defines a six-phase approach, encompassing planning and preparation, detection and triage, analysis and containment, eradication, recovery, and post-incident review. It identifies common attack vectors and categorises prevalent cybersecurity incidents, specifying mandatory reporting requirements to the Moroccan Computer Emergency Response Team (maCERT). The framework includes standardised incident declaration forms, guidelines for traffic capture during incidents, and indicators for various attack types. Annexes provide in-depth instructions for managing phishing, website defacement, malware, and denial-of-service (DoS) attacks. The framework further details requirements for outsourcing incident response services, focusing on the qualifications of service providers, confidentiality agreements, and communication protocols.