Feeds

ENISA, Europol, strike info-sharing deal

Watch out, cyber-crooks, TWO European agencies are chasing you now

Reducing the cost and complexity of web vulnerability management

Europe's peak information security body will join forces with the continent's criminal intelligence sharing outift in order to beat down on carders and crackers plaguing Europe.

Heads of the European Union Agency for Network and Information Security (ENISA) signed a deal with Europol at the Hague last Thursday to give a capability kick to Europol and its cyber crime centre (EC3).

The two agencies will share insights that can help shed light on cyber crime cases, strategic analyses and best practice, and training.

The new alliance is part of broader work by ENISA to ensure computer emergency response teams (CERTs) scattered across Europe were regularly talking and sharing info.

In a joint statement ENISA executive director Professor Udo Helmbrecht and Europol boss Rob Wainwright said information sharing between the agencies was important to help fight online crime.

"This agreement is an important step in the fight against ever more skilled cyber criminals who are investing more time, money and people on targeted attacks," the chiefs wrote in a canned statement.

"Cyber crime is estimated to cost the global economy more than $400 billion annually [and] by cooperating more closely together and sharing expertise, we strengthen Europe’s capacity to combat cyber criminals.”

The deal did not include the exchange of personal data.

Information-sharing is a perennial problem for crime-fighting agencies. Countless statements have been released on the back of deals and memoranda promising to formalise what often amounted to an exchange of tip offs through causal phone calls between industry friends.

The road blocks for information sharing were diverse. It included departmental territory guarding, a lack of personal ties between agency staff that often led to tip offs, and an absence of trust by the private sector in exposing sensitive but valuable data to governments.

There were also technical and legal constraints, according to an October 2013 ENISA report dubbed Detect, SHARE, Protect [PDF].

"Despite fruitful cooperation between many CERTs bringing visible results in improving cyber security in EU member states, the teams still face obstacles that work against seamless security information exchange and sharing [including] legal and technical barriers, as well as lack of interest from cyber security stake holders in sharing information," it said in the report.

"The 'perfect' scenario for enhancing sharing practices in the CERT community would include building a bridging platform that would extend existing communities and broker information across these communities."

Communication tools should be interoperable and open source, backed by solid threat intelligence and correlation engines, advanced incident analytics and visualisation, and automatic prioritisation.

Such an effort would be run by the European CERTs and supported by ENISA, it said. ®

Security and trust: The backbone of doing business over the internet

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.