In the fight against cybercrime, bridging the gap between the EU’s Computer Emergency Response Teams (CERTs) and its law enforcement agencies (LEAs) is a crucial area for the improvement of cooperation. In addition to legal and regulatory aspects, it can also be noted that a cultural divide exists between these two communities. Therefore, at an EU level the two respective organisations, ENISA (facilitating CERT cooperation) and Europol (facilitating LEA cooperation), through the European Cybercrime Centre (EC3), have taken the initiative to improve cooperation between these two communities in the EU. This has included hosting annual workshops on practical cooperation issues.
A report on the findings of the 7th CERT workshop, co-organised and hosted at Europol Headquarters on 16 and 17 October, has just been published. This was the second such annual event organised jointly by the European Network and Information Security Agency (ENISA) and Europol and its purpose was to improve cooperation for cyber security related crime.
The report itself outlines the results of the individual workshops held at the meeting and also provides conclusions regarding the current status of CERT/law enforcement cooperation and how this might be further improved. The main recommendation of the report is to increase levels of trust between the two communities through measures such as the establishment of ‘liaison’ type roles for CERT and law enforcement representatives in each other’s teams and making communication between them more of a two way process, with the provision of feedback in relation to any information exchange. The report also highlights areas for further development with regard to cooperation such as data protection issues, cooperation with ISPs and the potential for automated data exchange between CERTs and law enforcement.