Threat information is exchanged with stakeholders (for example, executives, operations staff, government, connected organisations, vendors, sector organisations, regulators, Information Sharing and Analysis Centers [ISACs])
Context and Guidance: Identify what types of threat information you are either willing to and permitted to share or are obligated to report and set up relationships and communications processes to share that information with others. Information sharing activities should adhere to your legal and regulatory requirements. For threat information sharing to be efficient and meaningful, some analysis should be done to ensure that all relevant stakeholders have been identified and are being involved appropriately in threat management activities. A stakeholder mapping technique might aid in accomplishing this.
Related Practices • Information Sharing: This practice is part of a group of cross-domain practices that enable information sharing with organisational stakeholders. These include: THREAT-1i, THREAT-2h, THREAT-2k, RISK-1c1d, SITUATION-3a, SITUATION-3c, SITUATION-3d, SITUATION-3e, RESPONSE-2g, RESPONSE-3c, RESPONSE-3f. • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: THREAT-2b, THREAT-2h, THREAT-2k.