ENISA has published the “Impact Analysis and Roadmap” report on supporting the Computer Emergency Response Teams (CERT) community, for the period of 2005-2014, and proposes a “Roadmap” up until 2020. The report is targeted at policy and decision-making bodies, EU institutions responsible for the CERT EU Member State policy agenda, as well as experts and the CERT community itself.
The assessment conducted follows a dual perspective within the operational, policy and regulatory environment, in line with the Digital Agenda, the EU Cyber Security Strategy and the proposed NIS directive. Key objectives of the study are to:
- List ENISA’s achievements in relation to EU CERTs and the relevant policy
- Perform an impact analysis of ENISA’s achievements in relation to CERTs and other operational communities
- Provide a roadmap up until 2020
- Measure ENISA’s overall impact on CERT communities beyond the traditional deliverables produced and published by the Agency
Key Findings
The roadmap includes the main recommendations resulting from the current analysis, which have been validated by a group of CERT experts. Key findings include from:
- Policy perspective: ENISA may act as “a representative voice” for CERTs in the European policy context in the upcoming years.
- Operational perspective: there is an expressed need to keep baseline capabilities separate from capacity building, depending on the levels of maturity of each CERT team, and the required level for the participation in trainings
- 360 Feed-back: A need for greater harmonisation and common standards among CERTs under ENISA’s lead and guidance. Better channels of communication have been requested on activities, and alerts on current attacks and incidents. Additionally ENISA is called to lead the work on compiling a catalogue with information on incidents and threats with recommendations.
For the full report: Impact Analysis and Roadmap on supporting CERTs
Background:
ENISA has been instrumental in building and actively supporting the growing network of non-governmental CERTS since its inception in 2005. The agency publishes recommendations aiming to level and elevate CERTS capabilities and provides training material.