Advertisement

On the Sharing of Cyber Security Information

  • Eric Luiijf
  • Marieke Klaver
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 466)

Abstract

The sharing of cyber security information between organizations, both public and private, and across sectors and borders is required to increase situational awareness, reduce vulnerabilities, manage risk and enhance cyber resilience. However, the notion of information sharing often is a broad and multi-faceted concept. This chapter describes an analytic framework for sharing cyber security information. A decomposition of the information sharing needs with regard to information exchange elements is mapped to a grid whose vertical dimension spans the strategic/policy, tactical and operational/technical levels and whose horizontal dimension spans the incident response cycle. The framework facilitates organizational and legal discussions about the types of cyber security information that can be shared with other entities along with the terms and conditions of information sharing. Moreover, the framework helps identify important aspects that are missing in existing information exchange standards.

Keywords

Information sharing cyber security resilience incident management 

Copyright information

© IFIP International Federation for Information Processing 2015

Authors and Affiliations

  • Eric Luiijf
    • 1
  • Marieke Klaver
    • 1
  1. 1.Netherlands Organisation for Applied Scientific Research (TNO)The HagueThe Netherlands

Personalised recommendations