The Department of Homeland Security’s Cyber Incident Data and Analysis Working Group (CIDAWG), has released its second white paper on data sharing. The paper describes the type of information that should be shared in an anonymous cyber incident clearinghouse to support insurers, CISOs, CSOs, and other cybersecurity professionals with cyber risk analysis.
The report, “outlines each of those data categories that, if anonymously shared into a repository, could be used to perform trend and other analyses by enterprise risk owners and insurers. Such repository-supported analyses, conducted in strict accordance with all applicable legal and privacy requirements, could help both private and public sector organizations better assess cyber risks, identify effective controls, and improve their cyber risk management practices.”