Definition[edit | edit source]
Information sharing is
|“||[a]n exchange of data, information, and/or knowledge to manage risks or respond to incidents.||”|
|“||[t]he sharing of cybersecurity threat information with others, such as indicators (system artifacts or observables associated with an attack); tactics, techniques, and procedures (TTPs); security alerts; threat intelligence reports; and recommended security tool configurations.||”|
Overview[edit | edit source]
The term "information sharing" gained popularity as a result of the 9/11 Commission Hearings and its report of the United States government's lack of response to information known about the planned terrorist attack on the New York City World Trade Center prior to the event. The resulting commission testimony led to the enactment of several executive orders by President Bush that mandated agencies implement policies to "share information" across organizational boundaries.
Information sharing is essentially a voluntary endeavor, whether in law enforcement, other areas of government, or the private sector. Certainly, policies may exist to exhort, promote, or "require" information sharing. These may be expressed informally; assumed to be necessary and understood; or set down formally in the form of a written policy, memorandum of understanding, or statute.
Still, sharing is founded upon trust between the information provider and the intelligence consumer. Such trust is most often fostered on an interpersonal basis; therefore, law enforcement task forces and other joint work endeavors succeed where colocated, interspersed personnel from different agencies and job types convene for a common purpose. In these instances, sharing can either flourish or falter due to changes in leadership, personality differences, and real or perceived issues.
Trust is fostered and may be further institutionalized by setting standards for participation in the information sharing process; thus, personnel vetting procedures are established that range from the most stringent — national security clearances for access to classified information through law enforcement agencies' employment background checks, including criminal history records and indices — to situational criteria that define an individual's "need to know."
|“||The process of sharing and utilizing shared information can be viewed as having four main steps:||”|
Legal impediments to sharing[edit | edit source]
There are at least seven legal impediments to information sharing:
- confidential information
- trade secrets and proprietary information
- classified information
- national security
- liability (for failure to disclose), and
- State government liability and disclosure.
References[edit | edit source]
- NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text).
- Report on Securing and Growing the Digital Economy, at 89.
- How Do We Know What Information Sharing Is Really Worth? Exploring Methodologies to Measure the Value of Information Sharing and Fusion Efforts, at 9.
- Critical Foundations: Protecting America's Infrastructures.
See also[edit | edit source]
- Data sharing
- Information Sharing Access Agreement
- Information Sharing and Access Interagency Policy Committee
- Information Sharing and Analysis Center
- Information Sharing and Analysis Centers Council
- Information Sharing and Analysis Organization
- Information Sharing and Collaboration Branch
- Information sharing environment
- Information Sharing Environment: Better Road Map Needed to Guide Implementation and Investments
- Information Sharing Coordination Council
- Information Sharing Council
- Information Sharing Environment
- Information Sharing Governance Board
- Information Sharing Policy Board
- Information Sharing Policy Coordination Committee
- Information Sharing Policy Group
- Information Sharing Team
|This page uses Creative Commons Licensed content from Wikipedia (view authors).|