Description
Implement a threat awareness program that includes a cross-organization information-sharing capability that can influence the development of the system and security architectures, selection of security solutions, monitoring, threat intelligence, and impact of threats on the risk to organizational operations and assets, individuals, other organizations, and the Nation.
Supplemental Guidance
Because of the constantly changing and increasing sophistication of adversaries, especially the advanced persistent threat (APT), it may be more likely that adversaries can successfully breach or compromise organizational systems. One of the best techniques to address this concern is for organizations to share threat information, including threat events (i.e., tactics, techniques, and procedures) that organizations have experienced, mitigations that organizations have found are effective against certain types of threats, and threat intelligence (i.e., indications and warnings about threats). Threat information sharing may be bilateral or multilateral.
Changes from Rev 4
Cross-organization information-sharing capability added. Discussion expanded for APT awareness.