01916nas a2200217   4500000000100000000000100001008004100002653002800043653001800071653002400089653002600113653002900139100002100168700001700189700001700206700001900223245009700242300001200339490000700351520134000358       2019                            d10aCritical Infrastructure10aCybersecurity10ainformation sharing10aSituational awareness10avital societal functions1 aJouni Pöyhönen1 aViivi Nuojua1 aMartti Lehto1 aJyri Rajamäki00aCyber Situational Awareness and Information Sharing in Critical Infrastructure Organizations  a236-2560 v433 a<p>Cybersecurity-related capabilities play an ever-growing role in national security, as well as securing the functions vital to society. The national cyber capability includes the resilience of companies running critical infrastructures, their cyber situational awareness (SA) and the sharing of cybersecurity information required for cyber SA. As critical infrastructures become more complex and interdependent, ramifications of incidents multiply. The EU Network and Information Security Directive calls for cybersecurity collaboration between EU member states regarding critical infrastructures and places the most crucial service providers and digital service providers under security-related obligations. Developing better SA requires information sharing between the different interest groups and enhances the preparation for and management of incidents. The arrangement is based on drawing correct situation-specific conclusions and, when needed, on sharing critical knowledge in the cyber networks. The target state is achieved with an efficient process that includes a three-level—strategic, operational and technical/tactical—operating model to support decision-making by utilizing national and international strengths. In the dynamic cyber environment strategic agility and speed are needed to prepare for incidents.</p>