-
National/governmental CERTs - ENISA's recommendations on baseline capabilities
-
Having a national / governmental CERTs in place that fulfils the requirements for ’baseline capabilities’ as defined in this document is essential for CIIP in all Member States. However these teams should not be considered as the one and only necessary measure a Member State must take in order to ensure adequate protection. CIIP at the national level must always be planned as part of a complete cyber-security strategy, in which a national / governmental CERT plays an important role but is not the only component. The planning of a complete national cyber-security strategy in a Member State is outside the scope of this document.
Located in
Publications
-
Roadmap to provide more proactive and efficient CERT training
-
The roadmap identifies 10 proposals on how ENISA could improve CERT training and exercises in Europe. The ideas in the document are valuable, as they reflect the actual community needs and requirements and there could be mutual benefit from both CERT community and ENISA in this more active approach towards training and exercises.
Located in
Publications
-
Good Practice Guide on Training Methodologies
-
The goal of this document is to guide both novice and experienced trainers to design and deliver trainings of any size or type, and to make these trainings more successful, more “fun” and with better and longer lasting results.
Located in
Publications
-
A flair for sharing - encouraging information exchange between CERTs
-
This study focuses on the legal and regulatory aspects of information sharing and cross-border collaboration of national/governmental CERTs in Europe.
Located in
Publications
-
Cooperation between CERTs and Law Enforcement Agencies in the fight against cybercrime - A first collection of practices
-
The essential aim of this report is to improve the capability of CERTs, with a focus on the national/governmental CERTs (n/g CERTs), to address the network and information security (NIS) aspects of cybercrime. It focuses particularly on supporting n/g CERTs and their hosting organisations in the European Union (EU) Member States in their collaboration with the LEAs. It also intends to be a first collection of practices collected from mature CERTs in Europe, including among other things workflows and collaboration with other key players, in particular different law enforcement authorities, in the fight against cybercrime.
Located in
Publications
-
Good Practice Guide for Addressing Network and Information Security Aspects of Cybercrime
-
In 2010 ENISA started its support for operational collaboration between the Computer Emergency Response Teams (CERTs) in the Member States on the one hand and Law Enforcing Agencies (LEA) on the other hand. Various activities have since been launched, including stock takings of legal and operational obstacles that prevent collaboration, advice resulting from that, workshops that brought together members of both communities, consultation with members of both communities, etc. It was soon realised that the process of trust building, tackle obstacles together, discussion and finally working together would need time and active, continuous support from ENISA, CERTs and LEAs, and that ENISA just embarked on a long-term trip to achieve its goals.
The document at hand constitutes a “work in progress”, a snapshot of the current status of ENISAs support for CERTs and LEAs, and includes good practice and recommendations for both communities. It must be clear that while we may already be several steps closer to a smoother collaboration, we need to continue our common efforts to reach that goal.
This document contains a Good Practice Guides concerning co-operation between Computer Emergency Response Teams (CERTS) and other stakeholders, primarily Law Enforcement Authorities (LEAs) within Europe.
Located in
Publications
-
Information sharing and common taxonomies between CSIRTs and Law Enforcement
-
This Report on Information Sharing and Common Taxonomies between CSIRTs and Law Enforcement Agencies (LEAs) was produced at the initiative of ENISA with the objective to enhance cooperation both between the Member States (MS) of the EU and between related Network and Information Security (NIS) communities. With this study, which is a continuation of ENISA’s work done in the area of fight against cybercrime, ENISA aims at identifying which information can be shared between CSIRTs and LEAs and how this can be achieved from a technical and organisational perspective.
Located in
Publications
-
CSIRT Setting up Guide in English
-
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Located in
Publications
-
CSIRT Setting up Guide in Bulgarian
-
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Located in
Publications
-
CSIRT Setting up Guide in Czech
-
The document at hand describes the process of setting up a Computer Security and Incident Response Team (CSIRT) from all relevant perspectives like business management, process management and technical perspective.
Located in
Publications