Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-150 (DRAFT)

Guide to Cyber Threat Information Sharing

Date Published: April 2016
Comments Due: May 24, 2016 (public comment period is CLOSED)
Email Questions to: sp800-150comments@nist.gov

Withdrawn: October 04, 2016

Author(s)

Christopher Johnson (NIST), Mark Badger (NIST), David Waltermire (NIST), Julie Snyder (MITRE), Clem Skorupka (MITRE)

Announcement

NIST requests comments on the second draft of Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing. This draft provides guidelines for establishing, participating in, and maintaining cyber threat information sharing relationships. The publication describes the benefits and challenges of sharing, the importance of building trust, the handling of sensitive information, and the automated exchange of cyber threat information. The goal of the publication is to provide guidelines that help improve cybersecurity operations and risk management activities through safe and effective information sharing practices. The guide is intended for computer security incident response teams (CSIRTs), system and network administrators, security staff, privacy officers, technical support staff, chief information security officers (CISOs), chief information officers (CIOs), computer security program managers, and other stakeholders in cyber threat information sharing activities.

Abstract

Keywords

cyber threat information sharing; indicators; information security; cyber threat; information sharing
Control Families

Incident Response; System and Information Integrity;

Documentation

Publication:
Second Draft SP 800-150 (Apr. 2016)

Supplemental Material:
Initial Draft SP 800-150 (Oct. 2014) (pdf)

Document History:
Draft SP 800-150 (4/21/16)
SP 800-150 (10/4/16)