The ISAO Standards Organization (SO) announced today that the publication ISAO 300-2: Automated Cyber Threat Intelligence Sharing is now available to the public and is available for free download on ISAO.org.
Comprised of technical discussions and guidelines to assist organizations implementing automated cyber threat intelligence information sharing and its use in mitigating cybersecurity risks, the ISAO 300-2 document is designed to provide an implementation guideline for automating key elements of the cyber threat intelligence life cycle.
“This document, written and supported by volunteers within the ISAO community, supports the decision-making and actions taken by the information sharing ecosystem to manage cybersecurity risks to their organizations,” said Dr. Greg White, executive director of the ISAO SO.
The ISAO 300-2 document is targeted at organizations wanting to automate and use cyber threat intelligence processes for defending their enterprise. This document is also useful for any Information Sharing and Analysis Organization (ISAO) members and organizations that are participating or considering participating in automated sharing efforts.
The document highlights areas that include, but are not limited to, the information life cycle, structured and unstructured data as it relates to automation, different types of automation, the cyber threat intelligence ecosystem, stakeholder engagement and how to design an automated process.
“The ISAO SO 300-2 document wouldn’t be possible without our work group chairs Kent Landfield, chief standards and technology policy strategist from McAfee, and Roger Callahan, a consultant from FS-ISAC,” said Jeremy West, director of lifecycle development at the ISAO SO. “Our work group chairs were pivotal in leading a committed team of thought leaders in the production of this valuable guidance on automating cyber threat intelligence sharing.”
ISAO 300-2 is a voluntary guideline document that was developed by a team of working group volunteers in response to Presidential Executive Order 13691 to provide guidelines for robust and effective information sharing and analysis related to cybersecurity risks, incidents and best practices.
Provide Feedback
Although the official comment period ended, the ISAO Standards Organization is still accepting comments on the website to be included in future adjudication and revisions of this document. If you have any comments or suggestions relating to this document, you may submit them using our published product comment form.
CLICK HERE to provide feedback on this document.