Summary: | There is an increased recognition of the importance of information sharing within cyber security. Nevertheless, and despite the widespread use of the term “information sharing”, it is difficult to associate a precise meaning with it - not least because it is used to describe a range of different activities that are driven by a variety of goals. Furthermore, when it comes to distinguishing between the various forms of information-sharing efforts, there is evidence of a degree of inconsistency between stakeholders. In this paper we seek to understand the various definitions of cyber security information sharing; we also seek to develop a better categorisation of its different forms. In addition, we try to assess the extent to which practitioners are willing to engage in each of the derived categories. A literature review, combined with an online survey, were used to capture stakeholders' perspectives. We analyse the data with a view to establishing a more nuanced conceptualisation of information sharing. The hope is that our findings will have the potential to serve as a basis for future studies.
|