In the survey conducted by the Water Sector Coordinating Council, Cybersecurity: 2021 State of the Sector, participants were asked about concerns regarding the exchange of organizational information on cybersecurity threats, vulnerabilities, mitigation, and security incidents with external organizations. While over 30% identified no barriers, 60% noted lack of know-how (37.76%) and lack of trust around maintaining confidentiality of information shared (22.39%). To assist in understanding the mechanics of sharing, specifically how organizations protect the information being shared, NIST has published an update to Managing the Security of Information Exchanges (SP 800-47 Rev. 1).
Managing the Security of Information Exchanges (SP 800-47 Rev. 1) focuses on managing the protection of the information being exchanged or accessed before, during, and after the exchange. The publication does not discuss specific technology used for sharing or securing information, but rather includes recommended steps with an emphasis on security measures necessary to protect shared data. Download the document at NIST.