Principle 8: Share Intelligence
| No: 43065348 | Date(g): 27/2/2022 | Date(h): 26/7/1443 |
Effective from Feb 27 2022 - Feb 26 2022
To view other versions open the versions tab on the right
Member Organizations should establish specific sharing standards for the dissemination of threat intelligence. Examples of delivery methods for threat intelligence are provided in "Annex E,-Threat intelligence Delivery Methods".
Member Organizations should establish a consistent and precise language practice throughout the organization to ensure wide applicability of threat intelligence. To clearly communicate threat intelligence, the Member Organizations should rely for example on 2 writing guide (e.g. the Economist style Guide). They should also use a scale of 'estimative probability' system while engaging in analysis as defined in "Saudi Central Bank's Threat Advisory Template".
Member Organizations should disseminate threat intelligence in an effective, timely, and accurate manner. It should be presented in a clear, concise, and coherent way when shared with the relevant internal stakeholders. When sharing intelligence with Saudi Central Bank, Member Organizations should define procedures that help control the publication and distribution of threat information.
All the information produced by the Member Organizations should be classified in accordance with the Traffic Light Protocol (TLP) classification scheme as per the "Saudi Central Bank Cybersecurity Communication Protocols".