06 Mar 2013
There should be more honeypots and more regional computer emergency response teams (CERTs) to exchange better and faster sensitive data linked to information security, according to two in-house reports of the European Network and Information Security Agency (ENISA).
At this point, some 100 CERTs are set all across Europe and the EU officials see as imperative that every EU state member has its own CERT unit and a dedicated EU CERT team to cooperate and constantly communicate to protect private and public sectors, Euractiv reports.
According to the Proactive Detection of Network Security Incidents report, ENISA pointed out more than a dozen limitations with respect to incident detection rate, information accuracy, exchange ratio and lack of contextual information.
“The most important legal problem involves privacy regulations and data protection laws that often hinder the exchange of information – an obstacle faced by CERTS but unfortunately not by miscreants responsible for network attacks.” the report finds.
The second report is focused on the need for more honeypots all through Europe to closely monitor, collect or combat illegal attempts against information systems.
According to the second report, CERTs need any information that can “offer them great insights into malicious activity in a CERT’s constituency, providing early warning of malware infections, new exploits, vulnerabilities and malware behavior as well as an excellent opportunity to learn about changes in attacker tactics.”
Knowledge is king and consistent communication between all specialized CERT units is key in fighting cyber-crime.