2020 Report on CSIRT-LE Cooperation: study of roles and synergies among selected countries

Back to all publications

Download

Publication date:January 26, 2021

The purpose of this report is to further explore and support the cooperation between computer security incident response teams (CSIRTs), in particular national and governmental (n/g) CSIRTs, and law enforcement agencies (LEAs) and their interactions with the judiciary (prosecutors and judges). This report proposes a methodology to analyse the legal and organisational framework, the roles and duties of CSIRTs, LEAs and the judiciary, and their required competences, as well as synergies and potential interferences in their activities related to their responses to cyber incidents and fight against cyber-crime, respectively. In addition, this report aims to present a detailed analysis focusing on some Member States (MSs) and European Free Trade Association (EFTA) countries, namely Czechia, France, Germany, Luxembourg, Norway, Portugal, Romania and Sweden.

This report is also connected with the Training - Aspects of Cooperation between CSIRTs and Law Enforcement Agencies

Additional materials

Search related content with: Law Enforcement Autorities cyber crime CSIRTs

Publication details

Related content

Best_Practices_for_Cyber_Crisis_Management.png

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves.

Cybersecurity Support Action

The ENISA Cybersecurity Support Action provides ex-post and ex-ante services and assistance to Member States' NIS2 Directive entities.

Sustained Activity by Threat Actors- Joint Publication

ENISA, the EU Agency for Cybersecurity, and CERT-EU, the Computer Emergency Response Team of all the EU institutions, bodies and agencies (EUIBAs), have issued a joint publication to alert on sustained activity by particular threat actors.

Aspects of Cooperation between CSIRTs and LE - Toolset 2021

This training material is an updated version of the ENISA training material Aspects of Cooperation between CSIRT and LE - Toolset, Document for trainees3, that was developed based particularly on the ENISA 2020 Report on CSIRT-LE Cooperation.

BROWSE ALL PUBLICATIONS

16th EU-CyCLONe Officers meeting

2024 Sep 24

24th CSIRTs Network Meeting

2024 Sep 23

15th EU-CyCLONe Officers meeting

2024 May 22

23rd CSIRTs Network Meeting

2024 May 22

BROWSE ALL EVENTS

BlueOLEx 2024 exercise: EU-CyCLONe test its cyber crisis response preparedness

Press Release

In light of the NIS2 era, this year’s edition of the BlueOlex built upon the scenario of Cyber Europe 2024 and tested the executive layer of cooperation in the EU ecosystem.

Cyber Europe tests the EU Cyber Preparedness in the Energy Sector

Press Release

The 7th edition of Cyber Europe, one of the largest cybersecurity exercises in Europe, organised by the European Union Agency for Cybersecurity (ENISA) challenged the resilience of the EU energy sector.

Geopolitics Accelerates Need For Stronger Cyber Crisis Management

Press Release

ENISA publishes a study on ‘Best Practices for Cyber Crisis Management’ that assists in preparation for crisis management. The study was conducted for the EU Cyber Crisis Liaison Organisation Network (CyCLONe) and is now available publicly.

CSIRT - Law Enforcement Cooperation Workshop - 10 Years of Joint Efforts against Cybercrime

News Item

The European Union Agency for Cybersecurity, (ENISA) and Europol’s European Cybercrime Centre (EC3) organised the 10th Annual Workshop for CSIRTs and law enforcement.

BROWSE ALL NEWS

CSIRT Maturity - Self-assessment Tool

This tool helps CSIRTs to self-assess their team’s maturity in terms of 44 parameters of the SIM3 model. SIM3 is also at the base of TI certification scheme under the TF-CSIRT and considered by FIRST for membership process. For several parameters…

CSIRTs by Country - Interactive Map

The European CSIRT Inventory gives an overview of the actual situation concerning CSIRT teams in Europe. It provides a list of publicly listed incident response teams that can be visualised by the interactive mapping tool. This tool allows the…

BROWSE ALL TOOLS