Cyber Security Information Sharing During a Large Scale Real Life Cyber Security Exercise

In the event of a cyber attack, the efficient production and utilisation of situational information is achieved by sharing information with other actors. In our research, we have discovered how information related to cyber security can be shared online as efficiently as possible between organisations. We used the constructive method to implement a cyber sercurity information sharing network using the Malware Information Sharing Project (MISP). The model was tested in a pilot exercise in fall 2021. The key findings in connection with the pilot showed that it is particularly important for the recipient of information security information how quickly and accurately the information security event is described. In order to help quick reaction, it would also be necessary to implement informal channels, through which security information can be shared easily without structured event descriptions.