Mallinder Jason, Drabwell Peter
J Bus Contin Emer Plan. 2013;7(2):103-11.
Cyber threats are growing and evolving at an unprecedented rate. Consequently, it is becoming vitally important that organisations share information internally and externally before, during and after incidents they encounter so that lessons can be learned, good practice identified and new cyber resilience capabilities developed. Many organisations are reluctant to share such information for fear of divulging sensitive information or because it may be vague or incomplete. This provides organisations with a complex dilemma: how to share information as openly as possible about cyber incidents, while protecting their confidentiality and focusing on service recovery from such incidents. This paper explores the dilemma of information sharing versus sensitivity and provides a practical overview of considerations every business continuity plan should address to plan effectively for information sharing in the event of a cyber incident.