MeriTalk published this article on Tuesday, October 16, 2018 on INSA's recent framework on sharing indications and warnings (I&W) of cyberattacks and deconstructing the data into indicators that can be monitored.
“The intent of this framework is to give government, academic, and industry professionals a practical analytic process in which an anticipated attack scenario is decomposed into indicators that can be continuously monitored to warn of an actual attack,” the framework states.
INSA found three main challenges to I&W: a lack of personnel with cyber and intelligence skills, a lack of effective contracts and procurement approach, and the lack of a framework.
A survey from INSA also found that organizations were largely relying on cyber threat intelligence to anticipate threats, and sharing information through free-flow text and email lists, although half of respondents replied that they were using some form of automation to share and receive information. Among the biggest obstacles to information sharing is the lack of awareness about where to share information, the slow speed of sharing, and a culture focused on keeping threat info internally, INSA said.Read More at MeriTalk