1. Financial entities are permitted to share cyber threat information and intelligence among themselves, including indicators of compromise, tactics, techniques, and procedures, cyber security alerts, and configuration tools. Such sharing of information aims to bolster the digital operational resilience of financial entities by enhancing awareness of cyber threats, limiting their spread, supporting defense capabilities, and facilitating threat detection, mitigation, response, and recovery efforts. This sharing should occur within trusted communities of financial entities and be governed by information-sharing arrangements that protect the sensitive nature of the shared information. These arrangements must adhere to rules of conduct that respect business confidentiality, comply with personal data protection regulations (such as Regulation (EU) 2016/679), and adhere to competition policy guidelines.
2. Information-sharing arrangements, as specified in paragraph 1, point (c), should outline the conditions for participation, including any involvement of public authorities and ICT third-party service providers. Operational elements, such as the use of dedicated IT platforms, should also be defined in these arrangements.
3. Financial entities are required to notify competent authorities of their participation in the information-sharing arrangements upon validation of their membership. They should also inform authorities if they cease their membership, effective immediately.
Define participation conditions in information-sharing arrangements and notify competent authorities of participation.
Organization should share threat intelligence information actively with other organizations to improve its own threat awareness.