Give and Take

Good Practice Guide for Addressing Network and Information Security Aspects of Cybercrime

Published In: Good Practice Guide for Addressing Network and Information Security Aspects of Cybercrime (Heraklion, Greece : European Network and Information Security Agency (ENISA), 2012)

Posted on RAND.org on November 01, 2012

by Neil Robinson, Luke Gribbon, Hans Graux, Peter Burnett, Alice Reeves

Read More

Access further information on this document at www.enisa.europa.eu

This article was published outside of RAND. The full text of the article can be found at the link above.

In 2010 ENISA started its support for operational collaboration between the Computer Emergency Response Teams (CERTs) in the Member States on the one hand and Law Enforcement Agencies (LEA) on the other hand. Various activities have since been launched, including stock taking of legal and operational obstacles that prevent collaboration, advice resulting from that, workshops that brought together members of both communities, consultation with members of both communities, etc. It was soon realised that the process of trust building, tackling obstacles together, discussion and finally working together would need time and active, continuous support from ENISA, CERTs and LEAs, and that ENISA just embarked on a long-term trip to achieve its goals. The document at hand constitutes a "work in progress", a snapshot of the current status of ENISAs support for CERTs and LEAs, and includes good practice and recommendations for both communities. It must be clear that while we may already be several steps closer to a smoother collaboration, we need to continue our common efforts to reach that goal. This document contains a Good Practice Guide concerning cooperation between Computer Emergency Response Teams (CERTS) and other stakeholders, primarily Law Enforcement Authorities (LEAs) within Europe.

Research conducted by

This report is part of the RAND Corporation external publication series. Many RAND studies are published in peer-reviewed scholarly journals, as chapters in commercial books, or as documents published by other organizations.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.