Law Enforcement SIG


CERTs / CSIRTs operate within the cybersecurity domain dealing with attacks and incidents, while law enforcement agencies are responsible for countering and combatting cybercrime. The former is generally understood to adopt a more proactive stance of protecting ICT infrastructure while the latter is focused on crime prevention, detection, investigation and disruption. Nevertheless, there are areas of convergence in approaches dealing with cybersecurity and cybercrime since these approaches serve to fulfil the common goal of ensuring a safer cyberspace for citizens, businesses and societies to thrive.

Current factors hindering closer cooperation between law enforcement and CERTs / CSIRTs include a lack of understanding of respective mandates, perceived duplication of responsibilities such as in intelligence analysis and incident response, disparities in capacity and capabilities between agencies, and a lack of trust.

Hence, the proposed Group aims to achieve the following objectives:

Goals & Deliverables




Request to Join