Difference between revisions of "Information Sharing"

From CIPedia
Jump to navigation Jump to search
Line 1: Line 1:
<big>Information sharing in the context of [[Critical Infrastructures]] is about sharing [[security]] related information. Most often it concerns [[cyber security]] but physical security related information may be shared as well between private, public-private and public partnerships.</big><br />
+
<big>Information sharing in the context of [[Critical infrastructures]] is about sharing [[security]] related information. Most often it concerns [[Cyber security]] but physical security related information may be shared as well between private, public-private and public partnerships.</big><br />
  
 
==Definitions==
 
==Definitions==
Line 9: Line 9:
 
<br />
 
<br />
 
<br />
 
<br />
 +
 +
==International Standards==
 +
<big>ISO/IEC 27010 (2012), “ISO/IEC 27010:2012: Information technology — Security techniques — Information security management for inter-sector and inter-organisational communications”, ISO, Geneva, Switzerland.</big>
  
 
==Good Practice on Information Sharing==
 
==Good Practice on Information Sharing==
 
==== European Union ====
 
==== European Union ====
# <ref>[refs coming]</ref>
+
# Actionable Information for Security Incident Response <ref>[http://www.enisa.europa.eu/activities/cert/support/actionable-information/actionable-information-for-security/at_download/fullReport “Actionable Information for Security Incident Response”, ENISA, Heraklion, Greece (2014).]</ref>
 +
# Standards and tools for exchange and processing of actionable Information <ref>[http://www.enisa.europa.eu/activities/cert/support/actionable-information/standards-and-tools-for-exchange-and-processing-of-actionable-information/at_download/fullReport “Standards and tools for exchange and processing of actionable Information”, ENISA, Heraklion, Greece (2014).]</ref>
 +
# Good Practice Guide Network Security Information Exchanges <ref>[http://www.enisa.europa.eu/media/press-releases/guide-to-mitigate-vulnerabilities-threats-cyber-attacks “Good Practice Guide Network Security Information Exchanges”, ENISA, Heraklion, Greece (2009).]</ref>
 +
 
 +
 
  
 
==== Global Conference on CyberSpace 2015 (GCCS2015) ====
 
==== Global Conference on CyberSpace 2015 (GCCS2015) ====
'''Sharing Cyber Security Information''' <ref>[https://www.gccs2015.com/sites/default/files/documents/Sharing%20Cyber%20Security%20Information%20GCCS%202015.pdf "Luiijf and Kernkamp (2015), Sharing Cyber Security Information"]</ref>:  
+
Sharing Cyber Security Information <ref>[https://www.gccs2015.com/sites/default/files/documents/Sharing%20Cyber%20Security%20Information%20GCCS%202015.pdf "Luiijf and Kernkamp (2015), Sharing Cyber Security Information"]</ref>: As the threat landscape is continuously changing, the sharing of cyber security related information between organisations – in a critical sector, cross-sector, nationally and internationally – is widely perceived as an effective measure in support of managing the security challenges. Information sharing, however, is not an easy topic as it comes with many facets. The booklet aims to support the cyber security and resilience governance. Its aim is to assist public and private policy-makers, middle management, researchers, and cyber security practitioners, and to steer you away from pitfalls.
<big>As the threat landscape is continuously changing, the sharing of cyber security related information between organisations – in a critical sector, cross-sector, nationally and internationally – is widely perceived as an effective measure in support of managing the security challenges. Information sharing, however, is not an easy topic as it comes with many facets. The booklet aims to support the cyber security and resilience governance. Its aim is to assist public and private policy-makers, middle management, researchers, and cyber security practitioners, and to steer you away from pitfalls.</big>
+
<br />
  
  

Revision as of 17:56, 11 April 2015

Information sharing in the context of Critical infrastructures is about sharing security related information. Most often it concerns Cyber security but physical security related information may be shared as well between private, public-private and public partnerships.

Definitions



International Standards

ISO/IEC 27010 (2012), “ISO/IEC 27010:2012: Information technology — Security techniques — Information security management for inter-sector and inter-organisational communications”, ISO, Geneva, Switzerland.

Good Practice on Information Sharing

European Union

  1. Actionable Information for Security Incident Response [1]
  2. Standards and tools for exchange and processing of actionable Information [2]
  3. Good Practice Guide Network Security Information Exchanges [3]


Global Conference on CyberSpace 2015 (GCCS2015)

Sharing Cyber Security Information [4]: As the threat landscape is continuously changing, the sharing of cyber security related information between organisations – in a critical sector, cross-sector, nationally and internationally – is widely perceived as an effective measure in support of managing the security challenges. Information sharing, however, is not an easy topic as it comes with many facets. The booklet aims to support the cyber security and resilience governance. Its aim is to assist public and private policy-makers, middle management, researchers, and cyber security practitioners, and to steer you away from pitfalls.


See also


References