The Agency has launched the public report on the ENISA -Europol jointly organised 7th annual CERT Workshop, Part II. This workshop was as a follow up event to the successful 6th Annual CERT workshop held last year in Prague, in the Czech Republic.
The 2012 CERT workshop was held at the Europol premises in The Hague, 16-17 October 2012. The focus remained on cooperation between national/governmental CERTs (n/g CERTs) in Europe and their national Law Enforcement counterparts (LEAs). (See earlier news item )
Composition of participants
Out of a total number of 44 participants, 15 represented the national/governmental CERT, 12 the national Law Enforcement Agency (usually the high tech crime units). The other participants were experts from Industry as well as from international organisations. Belgium, Czech Republic, France, Germany, Greece, Hungary, Ireland, Luxembourg, Netherlands, Slovenia, Spain, United Kingdom were the EU Member States that participated as well as Norway and Switzerland.
Workshop focus
The focus was on how to increase an exchange of information on cybercrime threats, and the cooperation and collaboration on a practical working level between n/g CERT and LEA communities, both on a national and cross-border level. There is an urgent need for these two communities to collaborate more and better, because of their complementary responsibilities. A mutual cooperation is a win-win situation for both communities, because both CERTs and LEAs can learn from and support each other in the fight against cybercrime. Currently, in many cases this collaboration is very limited and sometimes even non-existent. The workshop aimed to identify these synergies as well as gaps and to practically address these obstacles of cooperation.
Practical cooperation
After four keynote speeches, three interactive working sessions, in detail presented in the report, followed on:
- Botnet mitigation, (including e.g. Is botnet mitigation a business case for CERTs?)
- Capacity building (including e.g. Case studies, Data protection, and Exercises)
- Workflows and incident response; (including; e.g. Inventory of information sources and how they are managed, Need for a global directory; incompatible priorities, Internet Service Provider’s role, Intelligence and evidence collection, as well as takedown and sink-holing).
For full, detailed workshop report: 7th annual CERT Workshop Report