The Benefits of Incident Reporting
As highlighted in the December 2019 FB-ISAO Newsletter, one of the earmarks of a successful information sharing organization is receiving confidential incident reports from members. Incident reports not only serve as notification an incident has occurred and used to request assistance (if needed), but incident reports provide a better situational awareness and understanding of the threat landscape through the submission of actual events. FB-ISAO released a beta version of our Incident Reporting (IR) capability in December 2019. With feedback from members, an updated version of our IR is now available on the #general channel of the FB-ISAO workspace.
The more awareness we can share with others, the better prepared we will be individually and as a community.
Jennifer Lyn Walker, Director of Cybersecurity Services
Why should members file an Incident Report? Why should members file an Incident Report? In the context of information sharing organizations, such as FB-ISAO, incident reports help us provide awareness of threats to others, as appropriate. The more awareness we can share with others, the better prepared we will be individually and as a community. Being aware of actual incidents enhances FB-ISAO’s analytical reports, and enables us to communicate relevant mitigation actions to help other members reduce the risk posed from similar activity, effectively respond to future events, or prevent similar incidents from occurring. Incident reports are also used to identify potential trends of hostile (physical and/or cyber) activity across our community. Furthermore, the importance of reliable and up-to-date incident reports are invaluable during investigations and analysis.
When and what should members report? Incident reports should be submitted to FB-ISAO only after there is no further danger posed to individuals or organizations, but while details (even if incomplete) are still fresh in your mind. The FB-ISAO Incident Report form will guide you through the type of information to include, such as: who you are; type of incident (physical, cyber); when the incident started and/or when it was detected (for cyber incidents these times are often different); a brief description of the incident and steps you have taken in response; if there were any injuries (physical) or compromised information (cyber); and anything else you deem important for us to know.
How does FB-ISAO use information members provide? As a reminder, incident reports are never shared “as-is” without explicit approval from the reporting member. While some information may be shared anonymously to provide awareness and advise the broader faith-based community about increased concerns and observed threats among the membership, we will still ask your permission to share before doing so in any capacity.
How do members report an incident to FB-ISAO? While you can always reach out to us directly, the best way to file an incident report with FB-ISAO is through the FB-ISAO Slack workspace. Navigate to the #general channel in the FB-ISAO Slack workspace, click the lightning bolt in the top right menu bar, answer a few simple questions (mentioned above), then click submit. That’s it! Your incident report will be securely sent to FB-ISAO for further action. You will receive a response from relevant staff depending on the type of incident reported (physical or cyber) within the specified timeframe (business hours/days in Eastern Time). Likewise, at that time, we will discuss how we would like to use or further disseminate the information you provide and get your explicit permission before disseminating anything.
FB-ISAO is continually enhancing capabilities available to our members and welcome ideas on how we can better contribute to the security and resiliency of the faith-based community.
Jennifer Lyn Walker is a cybersecurity professional with over eighteen years’ experience supporting critical infrastructure and SLTT governments. She advises and consults on cyber threats related to homeland security for critical infrastructure and vital lifeline sectors. She is experienced in malware analysis, threat assessments, cyber threat intelligence, compliance, and cybersecurity awareness.
Join FB-ISAO! We welcome faith-based organizations, charities and critical partners to join FB-ISAO. Access our TLP AMBER and TLP GREEN reports, join our collaborative forums, working groups, participate in leadership opportunities and take the next step in enhancing your organization’s preparedness, security and resilience!
- Donate to FB-ISAO today and help us execute our mission!
- Interested in sponsoring FB-ISAO, or our 2019–2020 FB-ISAO Workshop Series? Read more here and contact our team for more information!
- Learn about our Membership Programs
- Learn why your FBO, charity, or non-profit should join FB-ISAO
- About our Vetting Policy
- About the Traffic Light Protocol
- Join today!
Originally published at https://faithbased-isao.org on February 14, 2020.
