Critical infrastructure is increasingly comprised of distributed, inter---dependent components and information that is vulnerable to sophisticated, multi---stage cyber---attacks. These attacks are difficult to understand as isolated incidents, and thus to improve understanding and response, organizations must rapidly share high quality threat, vulnerability and exploit---related, cyber---security information. However, pervasive and ubiquitous computing has blurred the boundary between work---related and personal data. This includes both the use of workplace computers for p