October 31, 2014

NIST Guide to Cyber Threat Information Sharing open for comments

English: Atomic Clock NIST-F1 (1999)
English: Atomic Clock NIST-F1 (1999) (Photo credit: Wikipedia)
Posted on 30 October 2014.
NIST has announced the public comment release of Draft Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing.

The purpose of this publication is to assist organizations in establishing, participating in, and maintaining information sharing relationships throughout the incident response life cycle.

The publication explores the benefits and challenges of coordination and sharing, presents the strengths and weaknesses of various information sharing architectures, clarifies the importance of trust, and introduces specific data handling considerations.

The goal of the publication is to provide guidance that improves the efficiency and effectiveness of defensive cyber operations and incident response activities, by introducing safe and effective information sharing practices, examining the value of standard data formats and transport protocols to foster greater interoperability, and providing guidance on the planning, implementation, and maintenance of information sharing programs.

NIST is asking the public to comment on the draft by November 28, 2014. They are to be sent to sp800-150comments(at)nist.gov.