CYBER SECURITY : DETECTING CYBER THREATS: ENISA PUBLISHES 35 RECOMMENDATIONS.

Computer emergency response teams (CERTs) do not make sufficient use of all available tools to combat cyber threats effectively, concludes the European Network and Information Security Agency (ENISA) in a report, published on 7 December 2011. The agency makes 35 recommendations to mitigate 16 shortcomings in detection of network security incidents.

"National/government CERT managers should use the report to overcome identified shortcomings by using more external sources of incident information and additional internal tools to collect information to plug the gaps," commented ENISA Director Udo Helmbrecht.

The 16 weaknesses identified are mostly (13) technical in nature. For example, CERTs often receive poor quality data (delivery problem, lack of contextual information or invalid indicators). The study also highlights the absence of correlation of events and automation of incident analysis. This stems from a lack of standard format, instruments, resources and competences. The report also mentions legal problems (3), stressing the negative impact of confidentiality regulations and laws on protection of personal data, which can hinder information exchange.

Among its 35 recommendations, the agency proposes ways in which data suppliers can improve their contact with CERTs and...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT