Comparing Cybersecurity Information Exchange Models and Standards for the Common Secure Information Management Framework

Abstract

AbstractCyber threats have increased in spite of formal economic integration in the world. Decision-makers and authorities need to respond to the growing challenge of cyberthreats by increasing cooperation. Information is one of the main facilities when the objective is to prevent hybrid threats at EU level and between the western countries. The main purpose of the study is to find out separating and combining factors concerning existing cyber information sharing models and information management frameworks in western countries. The aim is also to find out crucial factors, which affect the utilization of a common Early Warning System for the ECHO stakeholders. The main findings are that unclear allocation of responsibilities in national government departments prevents authorities from fighting together against cyber and physical threats. Responsibilities for developing cybersecurity have been shared among too many developers. Operational work concerning cyber threat prevention between European public safety authorities should be more standardized, with more centralized information management system. When the purpose is to protect the critical infrastructure of society, public safety organizations in European Union member states need proactive features and continuous risk management in their information systems. The sharing of responsibilities for standardization concerning information management systems and cyber emergency procedures between authorities and international organizations is unclear.KeywordsInformation sharingEarly warningStandardsECHO project