ENISA launches Guide on sharing information to mitigate network security vulnerabilities, threats and cyber attacks
EU Agency ENISA presents the first pan European Good Practice Guide on Network Security Information Exchange (NSIE). The main aim of this guide is to assist Member States and private stakeholders in setting up and running NSIEs at national level. The guide could also pave the way for the creation of the first pan European NSIE for critical communication networks and services.
ENISA’s stock taking and analysis on this topic confirmed the importance and strategic value of information sharing. Member States are strongly interested in better understanding and deploying information sharing exchanges. They explicitly requested ENISA to develop a good practice guide based on observed practices of existing NSIEs.
The content of the guide represents the aggregation of good practices from a number of countries having significant expertise in the area and individual discussions with experts.
NSIE is a form of strategic partnership among key public and private stakeholders. The drivers for this information exchange are the benefits of members working together on common problems and gaining access to information which is not available from any other source.
NSIE is an excellent vehicle to:
- better understand a changing security and resilience environment
- learn in a holistic manner about intrusions, vulnerabilities and threats
- develop recommendations for mitigating vulnerabilities, threats, & cyber attacks
- jointly develop methods to continuously assess existing measures
- provide unique insights and strategic views to policy makers and strategists
The Agency commented:
“Information sharing is a crucial element in EU efforts to enhance the resilience and security of critical communication networks and services. Hopefully this guide will pave the way for an accelerated deployment of national NSIEs and consequently of pan European one”
This good practice guide is part of ENISA’s Resilience Program. It contributes to European Commission (or EU) strategy of Critical Information Infrastructure Protection (CIIP). This strategy calls for wide deployment of national NSIEs and the creation of a pan European Public Private Partnership for Resilience.