01640nas a2200193 4500000000100000000000100001008004100002260000900043653001900052653001700071653003700088653002500125653002400150100001600174245004200190300001000232490000700242520119700249 2018 d c201810acyber security10acyber threat10acyber threat information sharing10aInformation Security10ainformation sharing1 aVasil Rizov00aInformation Sharing for Cyber Threats a43-500 v393 a
An organization that has faced an attack acquires valuable information on cyber threats that may be shared with others. This information can help an organization to identify, assess, monitor, and respond to cyber threats. Organizations that share cyber threat information can improve their own security postures as well as those of other organizations. Information sharing among private and public entities is a powerful mechanism to better understand a constantly changing environment and learn in a holistic way about serious risks, vulnerabilities and threats, as well as solutions. This article provides a review of the benefits and challenges of coordinating and sharing cyber threat information, the strengths and weaknesses of different information sharing models, and the importance of building trust between actors and handling sensitive or classified information. Organizations have to establish information sharing goals and scope of information sharing activities, identify cyber threat information sources, develop rules that control the distribution of threat information, and make effective use of threat information in support of their overall cyber security practices.