Roadmap on the cooperation between CSIRTS and LE

The purpose of this roadmap is to further explore the cooperation across computer security incident response teams (CSIRTs) in particular with national and governmental - law enforcement (LE) and the Judiciary (prosecutors and judges). This roadmap aims to support the cooperation between CSIRTs and LE, as well as their interaction with the Judiciary in their fight against cybercrime, by providing information on the organisational, legal, technical and cultural cooperation aspects and by identifying current shortcomings and making recommendations to further enhance cooperation. The geographical coverage of this roadmap is mainly the EU and European Free Trade Association (EFTA).


This roadmap follows the reports that ENISA has published throughout 2017 and 2018 on this subject-matter:

  • Cooperation between CSIRTs and law enforcement: interaction with the judiciary (ENISA, 2018), which focused on the aspects of the cooperation across the three communities;
  • Review of Behavioural Sciences Research in the Field of Cybersecurity (ENISA, 2018a), which focused on human aspects of cybersecurity;
  • Tools and Methodologies to Support Cooperation between CSIRTs and Law Enforcement (ENISA, 2017), which focused on technical aspects;
  • Improving Cooperation between CSIRTs and Law Enforcement: Legal and Organisational Aspects (ENISA, 2017a), which focused on the legal and organisational issues of cooperation. All these reports are available on the ENISA website.

This publication is also linked to the following trainings:

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies