Information Sharing
You need to give companies compelling reasons to share information. But what if you consider sharing cyber incident information as a form of protection? There is a clear need for awareness and mitigation of threats before the criminals start their attacks, particularly where critical assets are concerned. Understanding previous attacks, or attacks in progress, can provide the necessary information for protecting organisations. Effective incident reporting procedures using cyber threat information increase the ability of the industry or sector to provide timely responses to incidents, including alerts to information-sharing parties. Sharing also fosters collaboration among peers and increases trust among them, reduces the cost of detecting and preventing data breaches, and improves the effectiveness of incident response plans.
We appreciate that there are significant barriers and challenges to sharing information, and trust takes time to build. However, it is important to establish a positive environment of cooperation in which all companies benefit from sharing cyber intelligence.
ICT incident information sharing plays an important part in improving the overall digital operational resilience of companies and is being encouraged and mandated by various regulations, including DORA. So what would cyber incident information sharing involve?
To start with, we would encourage your organisation to have a formal plan for sharing information, in line with the DORA requirement. Information sharing in this case is mostly done between organisations in the same sector and through competent central authorities. You would notify the relevant competent authorities of your participation in the information-sharing arrangements. Information-sharing arrangements have to (a) protect the potentially sensitive nature of the information, (b) define the conditions for participation, and (c) set out the details on the involvement of public authorities and their capacity.
Next, you need the resources and capabilities to build a strong cybersecurity team that will proactively collect, analyse and monitor past, current and potential threats, and put in place and continuously improve risk mitigation practices and procedures. Other internal team members from across the organisation can do their part by reporting suspected threats and incidents. Being proactive about sharing information involves situational awareness and communication across the organisation, with the relevant competent authorities and, in certain cases, with the general public.
We will provide you with tools to put together or enhance your organisation’s plan for sharing ICT incident-related information, to further protect your company from cyber threats and to comply with DORA requirements.
You can find out about our services here and contact us for more information.