Europe – via ENISA, the EU network and information security agency – is setting its shoulder to the Sisyphean task of trying to align its various national Computer Emergency Response Teams (CERTs).
The problem, the agency says in a new paper published here, is that there's a lack of cross-border coordination of Computer Emergency Response Team actions.
It hopes to create interoperability of things like information feeds and ticketing systems between the CERTs, NATO, and the private sector.
The high points, the paper says, are to:
- promote continuity of incident feeds, “which are often changed without prior notice”;
- get interoperability between existing tools; and
- improve the functionality of tools, including correlation engines, threat intelligence, analytics and visualisation, and automatic prioritisation.
In the paper, ENISA said CERTs had told it that as well as arbitrary changes to information feeds, “many feed publishers do not adhere to the standardised feed formats and create their own feed templates,” and would prefer that publishers stick to standard XML or even CSV formats.
ENISA says it will initiate a cross-border information-sharing project in 2014 to help national CERTs in Europe. ®