Exploration of best practices for cybersecurity information sharing

All organizations are part of a collective of organizations (a chain) that share a virtual network in which information, services, products or money flows. The dependence on ICT-systems causes cyber related risks to move and advance within these chains. However, not every organization has the means and knowledge to defend themselves against these risks. Sharing information about current threats and incidents between chain organizations is vital for the creation of stronger chains.

The goal of this exploratory research (in Dutch) is to provide insights in the success factors of information sharing initiatives in the field of cybersecurity. The identification of success factors included a literature study and structured interviews with six members of three existing information-sharing initiatives: the Managed Service Provider (MSP), Information Sharing and Analysis Centre (ISAC), Energy ISAC and the security commission of the Dutch Energy Data Exchange (NEDU). We identified twenty success factors. These factors are categorized within four themes: team factors, individual factors, management factors and facilitating factors. The four most named success factors are:

  • Expertise: Members with distinctive and specialized knowledge promote information sharing and are supportive towards the individual learning goal of the members.
  • Trust: Trust is an essential condition for the willingness to work together and share information. Time is a crucial factor: time is needed for trust to exist.
  • Membership requirements: Explicit and implicit membership requirements provide a selection for suitable participants and therefore facilitate trust.
  • Structural design: A cooperation with a stable occupation and size is required to be organized according to a structure.

Knowing these success factors may help actors in a supply chain or network chain to create a successful environment for sharing risk information amongst each other.