In 2010 ENISA started its support for operational collaboration between the Computer Emergency Response Teams (CERTs) in the Member States on the one hand and Law Enforcing Agencies (LEA) on the other hand. Various activities have since been launched, including stock takings of legal and operational obstacles that prevent collaboration, advice resulting from that, workshops that brought together members of both communities, consultation with members of both communities, etc. It was soon realised that the process of trust building, tackle obstacles together, discussion and finally working together would need time and active, continuous support from ENISA, CERTs and LEAs, and that ENISA just embarked on a long-term trip to achieve its goals.
The document at hand constitutes a “work in progress”, a snapshot of the current status of ENISAs support for CERTs and LEAs, and includes good practice and recommendations for both communities. It must be clear that while we may already be several steps closer to a smoother collaboration, we need to continue our common efforts to reach that goal.
This document contains a Good Practice Guides concerning co-operation between Computer Emergency Response Teams (CERTS) and other stakeholders, primarily Law Enforcement Authorities (LEAs) within Europe.