Enisa, the EU agency that coordinates information and network security policy, has called for the formation across Europe of public-private sector partnerships tasked with sharing intelligence on security incidents, vulnerabilities, threats and solutions.
These so-called Network Security Information Exchanges are not intended to have any operational role or respond to a crisis but would work at a tactical and strategic level by allowing bodies to exchange information in a trusted environment.
All members of an NSIE would actively share insights and intelligence, which distinguishes NSIEs from CERTs, which tend to focus on issuing guidance and authoritative information.
The idea is that, through the sharing of experiences and sensitive information, the groups jointly develop recommendations for mitigating risks and threats and continuously assess existing measures in light of new threats.
Information shared would include details on everything from security advisories to warnings and best practices on contingency planning, analysis of threats, risks, impact and vulnerabilities, single points of failure, dependencies, crisis management arrangements, incidents, and exercises.
Enisa said it found NSIEs were often set up after a major incident provided evidence that such an organisation was needed, or after a country became aware of ‘worst case scenarios’.
Help from governments and adherence to the ‘Chatham House Rule’ were key ingredients, Enisa suggested, while engaging permanently with law enforcement agencies or with any telecommunications regulator is normally discouraged.
The body said that the drivers for setting up an information exchange are the benefits of members working together on common problems of cyber attacks, disaster recovery or physical attacks, and gaining access to information that is not available from any other source, only from competitors and national security agencies.
It called for NSIEs to develop an international perspective. “Risks, vulnerabilities and threats are global. Actually sharing of information at national level does not fully address the problem. As Member States develop effective information exchanges at national level they pave the way for wider collaboration and deployment at pan European level.”
It has just published a guide, produced by Symantec, which it hopes will pave the way for an accelerated deployment of national NSIEs and consequently of a pan-European one.