A Framework for Information Sharing and Alerting (FISHA) – A proposed collaboration between CERT Polska, CERT-Hungary and the University of Gelsenkirchen to build a common European information and alerting system within the framework of the EPCIP programme, based on the findings of the EISAS study of ENISA.

The project addresses the issue of improving security awareness amongst home users and SMEs through the creation of a European information sharing and alerting system. The focus on home users and SMEs stems from the fact that these groups play a critical role in the security of the Internet as a whole, and as such, the European critical information infrastructure. At the same time both groups remain an easy target of attacks, due to low awareness of security issues and the lack of required technical skills to handle them in a proper manner. There is therefore a need of a channel that can be used to reach these groups and supply them with timely best practice information, alerts and warnings phrased in an easy to understand, non-technical way. While a number of national initiatives with a similar goal exist, these initiatives do not cooperate as actively in this field as they could. There is therefore much to be gained by pooling their resources and building upon existing information exchange initiatives, developed in particular, in the CERT community. Previous studies in the watch and warning field have shown that there are a lot of different views and interpretations by experts from different countries as to what really should be done at a European level. These differing views have hindered past European wide efforts, with relevant stakeholders firmly opposing a creation of a large centralized structure.

The project builds on the consortium partners and the involvement of supporting partners. The consortium partners include two national CERTs that were participating in making of the EISAS Study of ENISA (CERT Polska) and taking part of the Best Practice Brokerage of ENISA (CERT-Hungary), and a research institute (Institute for Internet Security – if(is) - of the University of Gelsenkirchen). The supporting partners include public policy making bodies and regulatory authorities (the Finnish Telecom Agency FICORA, the Electronic Government Centre of the Hungary, the Hungarian Telecom Agency NHH), the Dutch government CERT (GovCERT.NL) and industry players (Cisco Hungary), and their number will be further increased during the project. The role of the consortium partners is to manage the work-package falling under their responsibility and carry out the tasks attached to them in each work package. The supporting partners are involved in the advisory working group, information exchange and validation of the protocol.

The project will be structured into six work-packages. The output of the 24 month project are the following deliverables:

• an inventory of available material to support the tasks of the research work group,
• a fictitious case study on how to set up a new (N)ISAS in a Member State,
• a web portal prototype for Information Sharing and Alerting,
• a Functionality Requirements Document,
• the Information Sharing and Alerting Protocol requirements and specification,
• prototype software implementation,
• roadmaps for the involvement of Member States, European Commission, ENISA, industry, academia and consumer protectionists in maintaining the system,
• communication plan for end-users and SMEs.

The long term results will be the improved information security awareness and technical empowerment of end-users and SMEs, the better collaboration of stakeholders, and a better information security situation at a European scale. The dissemination of results will include closed and open workshops, a project website, presentations promoting the project at other CIIP seminars and conferences.