{"title":"Cybersecurity Information Sharing","authors":"Stuart Murdoch","doi":"10.1093/oxfordhb/9780198800682.013.55","DOIUrl":null,"url":null,"abstract":"This chapter considers the impact on cyber security of a shift from voluntary coordination to mandatory incident reporting. It traces the efforts to organize collaboration for cyber security incident response back to its voluntary beginnings with the establishment of CERT/CC by DARPA in response to the Morris Worm in 1988, via the establishment of ISACs then ISAOs under successive US presidents, to the CiSP in the UK following the London 2012 Olympics. Recognizing efforts to standardize and automate information sharing, the discussion touches on how information sharing has come to form the basis of national cyber strategies, forming a foundational element of internationally recognized maturity models for those strategies, and it goes on to consider the increasing move towards more mandatory incident reporting, especially in Critical National Infrastructure sectors across the globe, from the Defence Industrial Base in the United States to the NISD throughout the European Union. It considers the impact of mandating reporting on levels of collaboration overall, concluding that regulators must be careful not to create sector-specific silos or undermine existing levels of voluntary sharing through their enforcement of such mandatory schemes.","PeriodicalId":336846,"journal":{"name":"The Oxford Handbook of Cyber Security","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Oxford Handbook of Cyber Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1093/oxfordhb/9780198800682.013.55","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
This chapter considers the impact on cyber security of a shift from voluntary coordination to mandatory incident reporting. It traces the efforts to organize collaboration for cyber security incident response back to its voluntary beginnings with the establishment of CERT/CC by DARPA in response to the Morris Worm in 1988, via the establishment of ISACs then ISAOs under successive US presidents, to the CiSP in the UK following the London 2012 Olympics. Recognizing efforts to standardize and automate information sharing, the discussion touches on how information sharing has come to form the basis of national cyber strategies, forming a foundational element of internationally recognized maturity models for those strategies, and it goes on to consider the increasing move towards more mandatory incident reporting, especially in Critical National Infrastructure sectors across the globe, from the Defence Industrial Base in the United States to the NISD throughout the European Union. It considers the impact of mandating reporting on levels of collaboration overall, concluding that regulators must be careful not to create sector-specific silos or undermine existing levels of voluntary sharing through their enforcement of such mandatory schemes.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
