14 DAY TRIAL // The European Network and Information Security Agency (ENISA) has published a new report that makes some important recommendations on how Computer Emergency Response Teams (CERTs) can improve information sharing among them.
Cyber security has become a priority for many European countries. However, the key to making cyberspace more secure lies in collaboration. That’s why the agency wants to help organizations work better not only with other CERTs from the same country, but also with their European counterparts.
ENISA notes that there’s a fruitful collaboration between CERTs, which the agency calls “Digital Fire Brigades.” However, there are some legal and technical barriers that pose a challenge when it comes to exchanging and sharing information. Furthermore, information sharing is also impacted by the lack of interest from stakeholders.
The list of recommendations made by ENISA for addressing these problems includes facilitating the adoption and interoperability of tools that the CERT community can use, and promoting the use of standards for exchanging data.
Another piece of advice refers to incident feeds, which ENISA says are often changed without prior notice. The continuity and stability of incident feeds should be promoted, the agency believes.
Furthermore, the functionality of existing tools should be enhanced, particularly when it comes to automated incident correlation analysis, interoperability, advanced analytics and visualization, and threat intelligence.
Next year, ENISA promises to actively engage in supporting projects aimed at increasing the collaboration level between CERTs.
“The increasing complexity of cyber-attacks requires more effective cross-border information sharing among Computer Emergency Response Teams,” said Executive Director of ENISA, Professor Udo Helmbrecht.
“Effective information sharing saves time and effort in incident response and post-mortem analysis. It also increases synergies and aligns the best practices among the CERTs.”
The complete “Detect, SHARE, Protection: Improving Threat Data Exchange among CERTs” report is available on ENISA’s website.