Analysis of information

5

As the name "Information Sharing and Analysis Centre" illustrates, one of the two legs of the ISAC is the analysis part. Most ISACs use the majority of their efforts for information sharing. Over time ISACs will have achieved a flow of information sharing and at some point, it may experience an overload of information. At this point, there may be a momentum to structure and distil the data into useful knowledge and outputs. Examples of outputs could be threat landscape reports, risk and vulnerability assessments and aggregated incident analysis reports illustrating patterns and trends over time. To structure and compile data, ISACs can get support from data sharing platforms, like MISP (Malware Information Sharing Platform & Threat Sharing), but will also need resources to compile and analyse the data. This could be carried out in dedicated working groups and, if there are the financial resources, ISACs may want to use a third-party contractor for performing the work. If the governance model is a PPP, then the government body may offer to take on that role.

Outcome:

  • Activity – Analysis, Information exchange
  • Document - Report
  • Tool – Information Sharing Platform (eg MISP), email
Contents

There are currently no items in this folder.

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies