12/16/2011
03:37 PM
Dark Reading
Products and Releases

Achieving Effective Cross-Border Information Exchange Between 'Digital Fire Brigades'

Report analyzes effects of information sharing

BRUSSELS and HERAKLION, Greece, December 16, 2011 /PRNewswire/ --

The EU's "cyber security" Agency ENISA has published a study [http://www.enisa.europa.eu/act/cert/support/legal-information-sharing] into the legal and regulatory aspects of information sharing and cross-border collaboration of national/governmental CERTs (Computer Emergency Response Teams) in Europe. The report analyses the effects these aspects have on cross-border information sharing between CERTs. It concludes that a delicate balance must be struck between investigating, managing and mitigating computer incidents and respecting the rights and obligations provided for by certain legal and regulatory frameworks, including data protection and privacy provisions.

CERTs are crucial in the cross-border co-ordination of computer incidents, and in order to perform this role they need to exchange information. Cross-border information exchange requires complex legal factors to be considered: CERTs in different countries have differing legal grounds for requesting information from, and transmitting it to, other teams; the information exchanged might be personal data and therefore subject to specific privacy provisions; and CERTs, including national/governmental CERTs, have varying mandates. The study [http://www.enisa.europa.eu/act/cert/support/legal-information-sharing] identifies these legal and regulatory factors and assesses their effects on cross-border information sharing between CERTs. Among its findings is that, in practice, data protection, data retention, and obligations to work with law enforcement are the greatest challenges for cross-border CERT co-operation.

The Executive Director of ENISA, Professor Udo Helmbrecht [http://www.enisa.europa.eu/about-enisa/structure-organization/executive-director/ed_cv-helmbrecht_fr], comments: "CERTs have to perform a delicate balancing act between investigating, managing, and mitigating incidents, and at the same time protecting privacy, data, and integrity. Clearly, cross border exchange of information should not be considered as a risk to fundamental rights, as exchanges are a precondition for effective response to cyber ICT incidents, as well as to protect these very rights. Poor cyber security can in effect undermine the exercise of your human rights."

Samples of medium/long term policy intervention recommendations include:

- Clarification of the differences between national legal frameworks;
- Adoption of EU legislation that takes account of the scope of national/governmental CERTs;
- Specification of a threshold for incidents requiring national/governmental CERT response and information sharing;
- Explanation of why CERTs need to process personal data, so that relevant authorities can establish clarity on the circumstances under which this data may be shared across borders;
- Inclusion of information on the legal basis for information requests.

Full report: http://www.enisa.europa.eu/act/cert/support/legal-information-sharing
