Let's talk about the traffic light protocol.
This is a really efficient way to
indicate very clearly the level of security required when certain information is being sent back and forth.
Uh, it's extremely used to do this with email, for instance. You can use a label like we see here on the left.
put that in the subject line. You could even, you know, if you had the right
tools at your disposal. You could even color code things, of course, to do. You also indicate their security level.
Let's have a look at this
As it says here, it's facilitated share information
easy to understand way too.
Define security level of information you're looking at.
So not for disclosure.
For Red Red means danger, that one should be pretty obvious. Amber being limited disclosure
allowed within the community. Whatever community of this
and then white would be something like,
uh, public information.
So it's a really efficient way to you to do this.
official color values are given here. If you wanted to make sure that you're
your your implementation of traffic light protocol is correct.
Now let's talk a little bit more about the other aspects of operational sharing,
trying to find a suitable partners
within the industry, that urine or within your own
trying to find partners with other agencies.
Trying to find a suitable
security requirement in another organization so that you can have
for information at a comparable level can be quite a challenge. But just like anything else providing some value to a existing community or trying to create your own community,
usually well eventually returned symbols up results.
There is a school of thought that says that you must contribute something to a community,
maybe even free of charge, as a way to demonstrate
your suitability for receiving their contributions.
It's not a bad way to look at it.
You give a little and get a little in. That could, uh, help build everyone else's awareness because they're all doing the same thing.
This concept of the Information Sharing and analysis center then
makes a lot of sense. This provides a forum to help organize the sharing of information
any more productive and efficient way.
So D a chest a golf has a little bit about. These
kinds of organizations were supposed to be non profit,
existing just for the purposes of advancing cyberthreat, cyber threat intelligence information.
And they go into a little bit more detail about some executive orders related to,
cyber threat. Intelligence sharing.
National Cybersecurity Communication Center is involved.
There's a standards organization so you can get
a little bit more detail.
We can open that really quick,
and so here you can see more detail. If you want to dig deep,
dig deeper, especially if you had to
provide this information as a justification for choosing a particular standard and say, This is you know, the organization that produces the guidance,
and it's also referenced by D. H s. That should be easy to defend as a as a choice for where you got your information and how you would like to move forward with some operational planning goals.
So the high level goals of the organization being voluntary in transparent
make sure the intelligence is actionable,
There's also a National Council of Information sharing nails, the Centers or Ice ax
and Wikipedia has some information on this
and all these director of members include quite a few industries. Important industries
in the United States. Automotive, aviation, electricity, emergency service's national health, nuclear real estate supply chain water.
These are all areas that affect just about every kind of corporation. And, of course, citizens
daily lives as well.
So some great information here
thio to be had by joining an organization like this
and at least figuring out, what else do they do? How how did they share this information
how was useful? How is it utilized within those various communities? So a couple things to think about their the traffic light protocol and the information sharing and analysis centers.