There’s more to information sharing than calling the Feds. You also need to inform your partners in the event of a cybersecurity incident, not just third parties but fourth and fifth parties, too. You need to consider what information to share and how to share it. If your Microsoft Exchange server was exploited, for example, information sharing via email is far from advisable. Information sharing can be especially difficult for smaller organizations who may not have processes behind information sharing. All organizations must establish processes that include information sharing and also demonstrate the value of it to their employees.
CISO Street recently moderated a virtual CISO panel and asked panelists to share their perspectives on current cyber trends and challenges. In this video, Amber Simco, Deputy CISO for The National Institutes of Health, Endre Jarraux Walls, CISO for Customers Bank, and Anne Marie Zettlemoyer, Business Security Officer for Mastercard, discuss the importance of information sharing during an incident.