JPC
Newcomer I

Help required in Implementing an effective information sharing programme

Hello everyone,

I'm looking to establish an information security sharing programme in my company with some of my peers in the same business sector. 

Does anyone have any experience of implementing such a programme and/or would you be able to recommend any good frameworks to use?

My initial thoughts for an agenda are:

  • MI of attacks observed to the business within x date
  • Threat intelligence from outside the business (i.e. new attack vectors, critical CVEs etc)
  • Information of any changes to frameworks/guidelines
  • Regulatory changes to be aware of
  • AOB (i.e. challenges, new technology/processes of interest etc)

Any help/guidance/validation would be much appreciated.


J

2 Replies
Badfilemagic
Contributor II

Does your industry already have an ISAC? If so, you may just want to join that. Expect management and legal to set a lot of limits on what you share out, though. Remember, your “peers in the same business sector” are essentially “people working for competitors” and IoCs and TTP observables you share out are data points indicating an incident at your company, which is in and of itself valuable competitive intelligence to those other companies.
-- wdf//CISSP, CSSLP
JPC
Newcomer I

Thanks for the reply. There is an industry-specific ISAC which I will review (and pass through our legal team). Thank you for the suggestion.

Our regulator is encouraging peer-to-peer engagements, which I agree need to be pitched at an appropriate level to ensure value without oversharing.