Incentives and Challenges for Information Sharing in the Context of Network and Information Security
ResearchPosted on rand.org Sep 8, 2010Published In: ENISA, European Network and Information Security Agency, 2010
ResearchPosted on rand.org Sep 8, 2010Published In: ENISA, European Network and Information Security Agency, 2010
The importance of information sharing to ensuring network and information security is widely acknowledged by both policy-makers and by the technical and practitioner community -- for example, in the European Programme on Critical Infrastructure Protection (EPCIP) and in the 2004 Availability and Robustness of Electronic Communications Infrastructures (ARECI) study, which noted that formal means for sharing information should be set up in order to improve the protection and rapid restoration of infrastructure critical to the reliability of communications within and throughout Europe. A 2009 gap analysis conducted by ENISA of good practice in respect of telecommunication network operators identified information sharing as a set of useful best practice. Given the acknowledged importance of information sharing, this report sets out findings from a research project into the barriers to and incentives for information sharing in the field of network and information security, in the context of peer-to-peer groups such as Information Exchanges (IE) and Information Sharing Analysis Centres (ISACs).
This publication is part of the RAND external publication series. Many RAND studies are published in peer-reviewed scholarly journals, as chapters in commercial books, or as documents published by other organizations.
RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.