Control: The organisation implements a threat awareness program that includes across organisation information-sharing capability.
Threat Awareness Program Supplemental Guidance:
Because of the constantly changing and increasing sophistication of adversaries, especially the advanced persistent threat (APT), it is becoming more likely that adversaries may successfully breach or compromise organisational information systems. One of the best techniques to address this concern is for organisations to share threat information. This can include, for example, sharing threat events (i.e., tactics, techniques, and procedures) that organisations have experienced, mitigations that organisations have found are effective against certain types of threats, threat intelligence (i.e., indications and warnings about threats that are likely to occur). Threat information sharing may be bilateral (e.g., government-commercial cooperatives, government-government cooperatives), or multilateral (e.g., organisations taking part in threat-sharing consortia). Threat information may be highly sensitive requiring special agreements and protection, or less sensitive and freely shared.
Related controls: PM-12, PM-16.