At a Borderless Cyber event today, 18 cybersecurity vendors threw their weight behind a cybersecurity interoperability initiative being led by OASIS, an industry consortium that lately has taken the lead on several cybersecurity initiatives.
Based on an interoperability initiative initially kicked off by IBM Security and McAfee, the Open Cybersecurity Alliance (OCA) includes Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotien, and Tufin.
Carol Geyer, chief development officer of OASIS, said OASIS has a long history of fostering interoperability initiatives that makes the consortium a natural home for the OCA.
The two technologies at the core of the OCA are STIX-Shifter, a search capability for security products of all types based on an open source library from IBM that can identify information about potential threats within various data repositories and translate it into a format that can be digested and analyzed by any security tool that has this standard enabled, and OpenDXL Standard Ontology, a cybersecurity messaging format from McAfee designed for the OpenDXL messaging bus that will be made available under an Apache 2.0 license.
Jason Keirstead, chief architect for IBM Security Threat Management, said interoperability is a critical first step toward enabling automation to be applied at scale to security processes. Today there is a chronic shortage of cybersecurity expertise. The only way to fill that gap is to rely more on automation to enable cybersecurity professionals to secure IT environments that become more distributed with each passing day, said Keirstead.
In addition, higher levels of automation will be the only way IT organizations will be able to embrace DevSecOps processes more effectively, he added.
D.J. Long, vice president of business development for McAfee, noted that the formation of the OCA serves to confirm the fact no one IT vendor can address on their own the scope of the cybersecurity challenge organizations face today. Cybersecurity vendors that participate in the OCA will also benefit from shared research and development as they contribute to various open source projects led by OASIS.
Interoperability has been the bane of cybersecurity for as long as any IT professional can remember. Not only do organizations spend inordinate sums of money on integrating cybersecurity point products, but also cybercriminals have become more adept at exploiting the seams between cybersecurity point products. There’s really no reason why multiple cybersecurity platforms should not be able to recognize and respond to the same cybersecurity threats by implementing a common set of controls across any IT environment once interoperability becomes more commonplace.
Naturally, it will be a while before organizations see all the benefits of the joint research and development being conducted under the auspices of OCA. However, IT organizations should be able to count on the fact that the total cost of cybersecurity should decline substantially in the months and years ahead.