There are many ways for defining knowledge management. One of the ways to see it is as the systematic procedures by which the flow of information and knowledge throughout an organization becomes a shared process, reaching the relevant persons. It should ensure that knowledge does not get lost when people leave or are absent. It is characteristic of a learning organisation, in which new insights are shared and curated so as to be accessible for all.

Knowledge management in an organisation is an important tool to combat cybersecurity issues. This means that information about attacks and incidents is reported and shared, and retrievable by and for all concerned. Ideally, this includes information about how the issue was resolved, what actions have been undertaken to prevent future similar incidents, etc.

All of this is fine to require, but it rarely happens, not in the domain of cybersecurity, or in other domains. There are many reasons for that we will not go into here.

A good question would be what needs to be monitored and shared, and with whom? This is exactly what knowledge management is about. Our deployment plan will implement some of these measures.

Jerry Andriessen, Chris Wills
Wise & Munro Learning Research/ Caris Research Ltd.