Re: Help required in Implementing an effective inf...

JPC · ‎05-23-2018

Hello everyone,

I'm looking to establish an information security sharing programme in my company with some of my peers in the same business sector.

Does anyone have any experience of implementing such a programme and/or would you be able to recommend any good frameworks to use?

My Initial thoughts of an agenda are

MI of attacks observed to the business within x date
Threat intelligence from outside the business (i.e. new attack vectors, critical CVEs etc)
Information of any changes to frameworks/guidelines
Regulatory changes to be aware of
AOB (i.e. challenges, new technology/processes of interest etc)

Any help/guidance/validation would be much appreciated.

J

Badfilemagic · ‎05-23-2018

Does your industry already have an ISAC? If so, you may just want to join that. Expect management and legal to set a lot of limits on what you share out, though. Remember, your “peers in the same business sector” are essentially “people working for competitors” and IoCs and TTP observables you share out are data points indicating an incident at your company, which is in and of itself valuable competitive intelligence to those other companies.

-- wdf//CISSP, CSSLP

JPC · ‎05-23-2018

Thanks for the reply. There is an industry specific ISAC which I will review (and pass through our legal team). Thank you for the suggestion.

Our regulator is encouraging peer to peer engagements which I agree needs to be pitched at an appropriate level to ensure value without oversharing.

Help required in Implementing an effective information sharing programme