Guide to Cyber Threat Information Sharing

Published: October 04, 2016

Author(s)

Christopher S. Johnson, Mark L. Badger, David A. Waltermire, Julie Snyder, Clem Skorupka

Abstract

Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats. Cyber threat information includes indicators of compromise; tactics, techniques, and procedures used by threat actors; suggested actions to detect, contain, or prevent attacks; and the findings from the analyses of incidents. Organizations that share cyber threat information can improve their own security postures as well as those of other organizations. This publication provides guidelines for establishing and participating in cyber threat information sharing relationships. This guidance helps organizations establish information sharing goals, identify cyber threat information sources, scope information sharing activities, develop rules that control the publication and distribution of threat information, engage with existing sharing communities, and make effective use of threat information in support of the organization's overall cybersecurity practices.
Citation: Special Publication (NIST SP) - 800-150
Report Number:
800-150
Pub Type: NIST Pubs

Keywords

cyber threat, cyber threat information sharing, indicators, information security, information sharing
Created October 04, 2016, Updated November 10, 2018