In an increasingly interconnected world, it is essentials for all entities to have a common strategy involving each cybersecurity operations center, in order to increase the overall system’s resilience.

The sharing of cybersecurity information is the first step to tackle when defining this common strategy, both at the sectoral and regional level. This is of particular relevance above all since it allows for the creation of a cybersecurity information-sharing ecosystem. Industries, Universities, Governments, private stakeholders and critical infrastructure providers are the main actors involved in this network. In general, the characterization of threats follows the information exchange (threat sharing) and is based on three fundamental aspects: cyber adversary tactics, techniques and procedures (TTPs).

In order to be effective, the common strategy should be principled, preventative, proactive and partnership-focused: it should not be abstract, but should follow a pragmatic approach by seeking to invest in affordable and effective solutions. In the near future, the human intervention will no more be necessary for the protection of computers: computers themselves will be responsible for acknowledging and sharing incidents, analytics and exercises, in order to increase their cyber resilience.