ENISA, Europol, strike info-sharing deal

Watch out, cyber-crooks, TWO European agencies are chasing you now

Boost IT visibility and business value

Europe's peak information security body will join forces with the continent's criminal intelligence sharing outift in order to beat down on carders and crackers plaguing Europe.

Heads of the European Union Agency for Network and Information Security (ENISA) signed a deal with Europol at the Hague last Thursday to give a capability kick to Europol and its cyber crime centre (EC3).

The two agencies will share insights that can help shed light on cyber crime cases, strategic analyses and best practice, and training.

The new alliance is part of broader work by ENISA to ensure computer emergency response teams (CERTs) scattered across Europe were regularly talking and sharing info.

In a joint statement ENISA executive director Professor Udo Helmbrecht and Europol boss Rob Wainwright said information sharing between the agencies was important to help fight online crime.

"This agreement is an important step in the fight against ever more skilled cyber criminals who are investing more time, money and people on targeted attacks," the chiefs wrote in a canned statement.

"Cyber crime is estimated to cost the global economy more than $400 billion annually [and] by cooperating more closely together and sharing expertise, we strengthen Europe’s capacity to combat cyber criminals.”

The deal did not include the exchange of personal data.

Information-sharing is a perennial problem for crime-fighting agencies. Countless statements have been released on the back of deals and memoranda promising to formalise what often amounted to an exchange of tip offs through causal phone calls between industry friends.

The road blocks for information sharing were diverse. It included departmental territory guarding, a lack of personal ties between agency staff that often led to tip offs, and an absence of trust by the private sector in exposing sensitive but valuable data to governments.

There were also technical and legal constraints, according to an October 2013 ENISA report dubbed Detect, SHARE, Protect [PDF].

"Despite fruitful cooperation between many CERTs bringing visible results in improving cyber security in EU member states, the teams still face obstacles that work against seamless security information exchange and sharing [including] legal and technical barriers, as well as lack of interest from cyber security stake holders in sharing information," it said in the report.

"The 'perfect' scenario for enhancing sharing practices in the CERT community would include building a bridging platform that would extend existing communities and broker information across these communities."

Communication tools should be interoperable and open source, backed by solid threat intelligence and correlation engines, advanced incident analytics and visualisation, and automatic prioritisation.

Such an effort would be run by the European CERTs and supported by ENISA, it said. ®

The Essential Guide to IT Transformation

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
prev story


Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.