Study on CNW tool for data leaks
Pre Information Notice
Mar 15, 2021
Negotiated procedure: maximum budget €70.000
One of ENISA’s duties is to actively support the cooperation among the CSIRTs Network Members as laid out in the NIS directive Article 12. Amongst these tasks, ENISA is dedicated to advance the cooperative response at EU level of large scale incidents and crises. One of the main objectives of this work is to support information exchange and cooperation, cross layer and cross border between Member States and as well as with EU institutions.
As part of its effort, ENISA would like to conduct a study on a possible tool for the CSIRTs Network usage to faster and better react to incidents where sensitive data is leaked. In the recent years the rise of data breaches is significant both in terms of numbers and in records affected. Sometimes leaked databases or a compilation of previous leaks, sometimes they contain records from different sources.
ENISA would like to map the current solutions and identify the specifications for a possible tool that could serve as an aid for the CSIRTs Network in sorting these data to support efficient information exchange and rapid response. The study should include at least the following functionalities:
- Ingesting different leaked databases in different source formats to a protected database;
- Do automatic sorting by the different constituencies of the individual members, based on for example IP geolocation, TLD or other relevant indicator;
- Identify data from previous leaks and exclude them from the final list;
- Ensure GDPR compliance;
Being able to sort the data and present the results to the relevant users while ensuring that no third party assess the information.
If you are interested in being invited to take part in this upcoming tender procedure, then please click on the Title link above and select 'submit your interest' before the deadline.