A White Paper from Osborne Clarke dated 4th January argues that threat information-sharing is a legitimate interest of financial institutions under the GDPR. It says that the GDPR has stifled the practice of threat information-sharing, in turn increasing the risk of successful attacks. The White Paper concludes, however, that threat information-sharing serves the fundamental goals of the GDPR and is a cornerstone of the Regulation's principles and purpose: to protect the "fundamental rights and freedoms of natural persons and in particular their right to protection of personal data".

The White Paper says that a proper understanding of what threat information-sharing involves is required, and sets out a definition: the exchange of information relating to threats, whether cyber or other, between members of a sharing community, for the purpose of enhancing their security posture by leveraging the collective knowledge, experience and capabilities of the community against the threat. A "threat", in this sense, is any circumstance with the potential to adversely affect organisational operations (including mission, functions, image or reputation), assets, individuals, other organisations or a nation through an information system "via unauthorised access, destruction, disclosure, or modification of information, and/or denial of service". Threat information-sharing therefore involves the sharing of information to help organisations protect individuals, organisations, nations and the public at large against malicious acts that result in unauthorised access to, or the disclosure, loss or alteration of, data, including personal data. A common motto for the practice, the White Paper notes, is allowing "one organisation's detection to become another's prevention".
http://www.osborneclarke.com/wp-content/uploads/2019/01/Threat-Information-Sharing-and-GDPR_Final_TLP-WHITE.pdf