Abstract
Providing Critical Information Infrastructure Protection
(CIIP) has become an important focus area for countries
across the world with the widespread adoption of computer
systems and computer networks that handle and transfer large
amounts of sensitive information on a daily basis. Most large
organisations have their own security teams that provide some
form of protection against cyber attacks that are launched by
cybercriminals. It is however often the case that smaller stakeholders
such as schools, pharmacies and other SMEs might not
have the required means to protect themselves against these cyber
attacks. The distribution of relevant and focused information
is an important part of providing effective protection against
cyber attacks. In this paper some of the existing mechanisms
and formats in which information related to software security
vulnerabilities are provided to the public are discussed and
reviewed. Providing focused and relevant information can enable
smaller stakeholders such as SMEs that have a limited set of skills
and expertise to limit their risk of exposure to cyber attacks.