• Who needs to know my info?
  • The three services are just a few examples, but some other services may want to know some information that has been developed by the teams. Identify which services they are and figure out:

• What do the other services need to know?
  • We need to be able to figure out what the other teams need to know and at what frequency
  • Develop Key Risk Indicators among services
  • Automate to create the operational cyber intelligence dashboard

• How will we track results? How do we ensure that the results that are found are mitigated?
  • The left-hand needs to know what the right hand is doing. It will be the same with the teams that are sharing this information with each other.
  • If the red team and vulnerability management team found the same vulnerability in the base processes, it would be good to know (at the same time) when the vulnerability was fixed by the Risk Mitigation process.