CERT or CSIRT are cyber security incident response teams and they both provide cyber defense and respond to cybersecurity indents. Computer emergency response team and Computer Security Incident Response Team both focus on resolving incidents and recovery but do also engage in proactive activities as well. CERT and CSIRT do pretty much the same thing but CERTs are typically bigger and respond to major incidents that affect national or regional issues. CSIRTs on the other hand focuses on business threats and are internal to business networks.
Some responsibilities include determining the damage or impact after an incident, finding out the root cause of the incident, recommending solutions and mitigation approaches, managing database of the incidents and working with other agencies to keep pace with technology, and participating in proactive cyber defense posture reviews.
HansITAcademy 