How a Misunderstanding of GDPR Could Heighten Cyber Exposure
Cyber vulnerabilities and incidents are rarely organization-specific. A security breach into one organization's network can provide hackers with the ability to breach another organization's network by using the same tactics, techniques and procedures. Thus, a security breach into one organization may initiate a chain of security breaches compromising multiple networks of numerous organizations. Threat information sharing can short-circuit, if not prevent, chain security breaches by providing real-time information to patch vulnerabilities and thwart further attacks targeting those vulnerabilities.
However, a critical misunderstanding has stifled this efficient and cost-effective means to combat cyberattacks, which in turn may be causing real and long-lasting damage.
Rick Borden and Josh Mooney discuss lawful threat information sharing under GDPR in their article How a Misunderstanding of GDPR Could Heighten Cyber Exposure.