CSO Online has published an article discussing the importance of cyber incident reporting and how it helps build a more resilient security community. While many governments are beginning to implement legislation that mandates incident reporting, the article points to existing mechanisms the private sector has used to share information through Information Sharing and Analysis Centers (ISACs). These channels have helped organizations mitigate attacks and coordinate a response to widespread campaigns. Because current information sharing networks depend on voluntary participation, it is difficult to gain a comprehensive picture of the state of cybersecurity within a sector when organizations choose not to share. The article urges organizations to consider building information sharing into their incident response processes and providing more comprehensive data to their peers. Read more at CSO Online.
Food for thought (by Jennifer Lyn Walker): Non-attributable reporting is why the ISACs/ISAOs exist. I beg everyone to stop keeping cyber incidents so close to the vest. ISACs/ISAOs thrive on being able to help their sectors/communities understand the threats facing them. We do that best when we receive member reports that we anonymize and report out for the benefit of all members. Sadly, far too often, the news ends up leaking from elsewhere anyway, and it's unfortunate to first hear something about a sector organization’s cyber incident from the mass-media news.