{"title":"A Shared Cybersecurity Awareness Platform","authors":"M. Amanowicz","doi":"10.26636/jtit.2021.154421","PeriodicalId":227678,"journal":{"name":"Journal of Telecommunications and Information Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-30","publicationTypes":"Journal Article","isOpenAccess":false,"citationCount":"3","platform":"Semanticscholar","PeriodicalName":"Journal of Telecommunications and Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.26636/jtit.2021.154421"}
Ensuring a good level of cybersecurity of global IT systems requires that specific procedures and cooperation frameworks be adopted for reporting threats and for coordinating the activities undertaken by individual entities. Technical infrastructure enabling safe and reliable online collaboration between all teams responsible for security is an important element of the system as well. With the above taken into consideration, the paper presents a comprehensive distributed solution for continuous monitoring and detection of threats that may affect services whose provision is essential to security and to the broadly understood economic interests of the state. This solution makes it possible to collect, process and share distributed knowledge on hazard events. The partnership-based model of cooperation between the system’s users allows the teams to undertake specific activities at the central level, facilitates global cyber threat awareness, and enhances the process of predicting and assessing cyber risks in order to ensure a near-real-time response. The paper presents an overview of the system’s architecture, its main components, features, and threat intelligence tools supporting the safe sharing of information concerning specific events. It also offers a brief overview of the system’s deployment and its testing in an operational environment of NASK’s Computer Security Incident Response Team (CSIRT) and Security Operation Center (SOC) of essential services operators.