Information Sharing & Analysis Centres: Exploring the Value of Cross-Sector Exercises
To support the cooperation of European sectorial Information Sharing and Analysis Centres (ISACs), the European Union Agency for Cybersecurity (ENISA) suggests requirements for cross-sector exercises.
Published on April 06, 2022
The report released today intends to help Information Sharing and Analysis Centres (ISACs) to strengthen their cyber incident information sharing capabilities.
What is an EU Information Sharing and Analysis Centre (ISAC) and what is its role?
ISACs are non-profit organisations, centralising information on cyberthreats and acting as a bridge between public and private sectors. The information gathered includes root causes, incidents and threats and allows for the sharing of experience, knowledge and analysis.
An EU ISAC isan ISAC which has members coming from different EU Member States.
Why a report on cross-sector exercise requirements?
The purpose of the report is to identify and assess the skills needed within the ISACs' ecosystem and to determine how these skills can be used within cross-sectorial exercises. Additionally, ENISA suggests what skills are needed to make the best use of the cross-sectorial exercises.
Key conclusions and recommendations
The interdependencies between sectors was clearly identified as a key challenge, exposing knowledge and skills gaps across the sectors. This is why training and exercises are seen as excellent opportunities to improve skills and cooperation and by doing so, to also build trust within the community.
To engage in cross-sectorial exercises, a minimum level of technical expertise and organisational competence must be ensured in relation to:
- the regulatory environment applicable to threat information exchange;
- the validation of the threat intelligence information received;
- the taxonomy used in relation to threat information, naming schemes, etc.;
- the tools used for information sharing.
The report also highlights a further gap – namely that roles and responsibilities need to be clearly defined when it comes to the sharing of information outside of the ISAC community. In addition, the development of Standard Operation Procedures (SOPs) would help to improve cross-sectorial information sharing.
Cross-sector Exercise Requirements
EU Agency for Cybersecurity launches ISAC in a Box Toolkit
Study - Effective Collaborative models for ISACs (2018)
Opinion paper - ISAC Cooperation (2019)
ENISA Incident Reporting webpage
European Electronic Communications Code
For questions related to the press and interviews, please contact press(at)enisa.europa.eu
Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!