Multiple platforms for sharing information on cybersecurity threats as crucial tools to increase cyber threat resilience.
The global, connected nature of the Internet puts each element of a smart grid less than one second away from 3 billion people — thousands of whom have malicious intent. Defending against these threats requires:
- Cyber intelligence: Information about attacks, including relevant context and detail about tools and tactics used
- Orchestration and automated response: Interconnection of cyber defense tools and disparate data sources to research cyber threats, manage cyber intelligence, and respond to cyber attacks; through context-aware workflows combining machine-automation with analyst-driven processes
- Developing and sharing of defensive measures: Signatures, rules, or techniques for detection and protection
- Operational collaboration: Cross-organizational coordination to improve analytic quality and speed (correlating attack detections, leveraging distributed threat research expertise) or increase the disruption of adversarial activities (coordinating authorities and defensive actions, timing information release)