What is the European counterpart organization to USA's NIST?
I want to check the European best practices and guidelines on computer security. Does anyone know if this organization exists, and if there are available publications?
I need to check the policy role of some firewall but in general I want to know what is the de-facto standard organization to watch.
I live in Italy.
The appropriate organisation for Europe is ENISA, however as Rory points out there are also organisations specific to the sovereign states, which all have their own legislation regarding data protection and information security.
There are a range of organisations throughout Europe - so if you want a specific one, you should state which country is of interest. Also, NIST produce guidelines which are generally appropriate anywhere so if you currently use them, they will give you a good basis.
You should look at ISO:IEC 27002 (and in fact the entire 27000 range) as well as the Data Protection Act 1998 (or it's local equivalent) as these are good guidelines.
If you can give more information as to what you are protecting and what country you are in there may be more specific documents we can point you at.
Or check ACPO (Association of Chief Police Officers)Guidelines, you just have to narrow it down to the ones applicable to your current case. e.g This one is for Digital Evidence: http://www.digital-detective.net/digital-forensics-documents/ACPO_Good_Practice_Guide_for_Digital_Evidence_v5.pdf
I hope that helps, cheer!
