Legal & Cooperation

Published under Online training material

Establishing external contacts

Contacts

Target Audience

Duration

Download

Managers and incident handlers.

3 hours

Handbook

Toolset

To enhance students’ skills in establishing contacts with other CERTs, administrators of ISPs, and other parties responsible for the mitigation of security incidents in their networks around the globe.


Cooperation with Law Enforcement Agencies - Advising in Cyber Crime Cases

Law

Target Audience

Duration

Download

Technical and management CERT staff.

5 hours

Handbook

Toolset

 

Explain a CERT’s role in advising in a cyber-crime case and the basis for its effective cooperation with an LEA.


Assessing and Testing Communication Channels with CERTs and all their stakeholders

Channel

Target Audience

Duration

Download

CERT incident responders of all experience levels.

4 hours

Handbook

Toolset

In this exercise, participants will discuss all fundamental concepts of the communication channels between CERTs and their constituents, other CERTs, law enforcement, management, public relations (PR), legal counsel, and all other stakeholders. Special attention is given to communications while under attack, and to the testing of communication channels as a means of safeguarding and improving them.


Identifying and handling cyber-crime traces

Cyber

Target Audience

Duration

Download

CERT Staff.

7 hours

Handbook

Toolset

Virtual Image

VM How To

This task consists of 3 components: finding relevant information related to cybercrime in social media channels (based on Twitter examples), finding relevant information on IRC channels and analysing legal aspects of Internet monitoring activities related to cybercrime identification. The main objective is to teach trainees how to set up the basic system for continuous monitoring and alerting of various sources of information in terms of effective detection and warning for their constituencies based on the content.


Incident handling and cooperation during phishing campaign

phishing

Target Audience

Duration

Download

National CERTs, bank CERTs, CERTs for big companies or organisations.

4 hours

Handbook

Toolset

This task treats phishing on three levels: technical, organisational and legal. The purpose is to understand phishing campaigns better and understand how to resolve them in complex international contexts.


Cooperation in the Area of Cybercrime

Cooperation

Target Audience

Duration

Download

Incident responders of all experience levels.

6 hours

Handbook

Toolset

This task covers three different cybercrime related cases. All of them involve investigatory and legal aspects, but each of them requires participants to analyse them from different perspectives. All cases involve very common incidents for CERTs and organisations that could lead to law enforcement actions and court cases. Cooperation among the various parties involved is therefore essential and is the goal of this exercise – rather than exploring the techniques involved.


Aspects of Cooperation between CSIRTs and Law Enforcement Agencies

CSIRTS cooperation

Target Audience

Duration

Download

CSIRTs (mainly national and governmental CSIRTs but not limited to them), LE as well as individuals and organisations with an interest in Cybersecurity.

2-3 hours

Handbook

Toolset

This training is developed to support CSIRTs (mainly national and governmental CSIRTs), law enforcement (LE) and the judiciary cooperating closer. It focuses on the interaction across these communities, the synergies and the potential interferences when responding to cybercrime. This report is also connected with the Report on CSIRT-LE Cooperation: study of roles and synergies among selected countries


Cooperation across CSIRTs, Law Enforcement Agencies and the judiciary

CSIRTS cooperation

Target Audience

Duration

Download

CSIRTs (mainly national and governmental CSIRTs but not limited to them), LE, the judiciary (in particular prosecutors and judges) as well as individuals and organisations with an interest in Cybersecurity.

4 hours

Handbook

Toolset

Aspects of the cooperation across CSIRTs and LE by adding the important dimension of their interaction with the judiciary (prosecutors and judges) are presented covering areas such as data retention, sharing of personal data and confidentiality of criminal investigations as well as admissibility of digital evidence in criminal proceedings.


Cooperation between CSIRTs and Law Enforcement: Behavioural Aspects

CSIRTS cooperation

Target Audience

Duration

Download

CSIRTs (mainly national and governmental CSIRTs but not limited to them), LE as well as individuals and organisations with an interest in Cybersecurity.

4 hours

Handbook

Toolset – CSIRT Approach

Toolset – LE Approach

Human behaviour is associated with communities’ organisational culture. Different approaches to problems, modi operandi, mentalities and ‘languages’ of the different communities are presented.


Cooperation between CSIRTs and Law Enforcement: Legal and Organisational Aspects

CSIRTS cooperation

Target Audience

Duration

Download

CSIRTs (mainly national and governmental CSIRTs but not limited to them), LE as well as individuals and organisations with an interest in Cybersecurity.

4 hours

Handbook

Toolset – CSIRT Approach

Toolset – LE Approach

Challenges related to the diversity of legal systems and legal provisions of the Member States seem to set boundaries to information sharing between CSIRTs and LE. Legal and organisational challenges that need to be addressed for enhanced cooperation across the communities are presented.


Cooperation between CSIRTs and Law Enforcement: Technical Aspects

CSIRTS cooperation

Target Audience

Duration

Download

CSIRTs (mainly national and governmental CSIRTs but not limited to them), LE as well as individuals and organisations with an interest in Cybersecurity.

4 hours

Handbook

Toolset

Technical cooperation between CSIRTs and LE is of great importance for fighting cybercrime. Ongoing efforts towards a broader adoption and use of a common taxonomy and common tools are presented.


CERT participation in incident handling related to the Article 13a obligations

CERT Team, television screens, the 'digital fire brigades'

Target Audience

Duration

Download

Incident handlers and CERT managers.

3 hours

Handbook

Toolset

data_ddos.pcap

Information about rules, procedures and best practice in handling incident related to obligation for internet service providers described in the Article 13a of the European Telecom Package.


CERT participation in incident handling related to the Article 4 obligations

CERT exercise video

Target Audience

Duration

Download

Incident handlers and CERT managers.

2 hours

Handbook

Toolset

Information about rules, procedures and best practices in incident handling related to personal data breaches. It is based on data breach notification requirements for the electronic communication sector introduced by the review of the ePrivacy Directive. The process of notification is parallel to normal incident handling process and it is part of it.

Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies