The purpose for this document is assist risk managers in making decisions with respect to privacy when sharing cybersecurity information. It builds upon the previously published basic principles by outlining actions to promote efficient and effective information sharing while minimizing the impact on privacy interests. Importantly, this document reflects the contributions of industry, civil society, and the government. This document supplements ISAO 300-1 Introduction to Information Sharing, Section 9 Information Privacy.
If you are having trouble viewing this document, we recommend either saving the document before opening it or switching to a different browser.
If you have any comments or suggestions relating to this document, you may submit them using our published product comment form.