OASIS to Lead Cybersecurity Interoperability Initiative

At a Borderless Cyber event today, 18 cybersecurity vendors threw their weight behind a cybersecurity interoperability initiative being led by OASIS, an industry consortium that lately has taken the lead on several cybersecurity initiatives.

Based on an interoperability initiative initially kicked off by IBM Security and McAfee, the Open Cybersecurity Alliance (OCA) includes Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotien, and Tufin.

Carol Geyer, chief development officer of OASIS, said OASIS has a long history of fostering interoperability initiatives that makes the consortium a natural home for the OCA.

The two technologies at the core of the OCA are STIX-Shifter, a search capability for security products of all types based on an open source library from IBM that can identify information about potential threats within various data repositories and translate it into a format that can be digested and analyzed by any security tool that has this standard enabled, and OpenDXL Standard Ontology, a cybersecurity messaging format from McAfee designed for the OpenDXL messaging bus that will be made available under an Apache 2.0 license.

Jason Keirstead, chief architect for IBM Security Threat Management, said interoperability is a critical first step toward enabling automation to be applied at scale to security processes. Today there is a chronic shortage of cybersecurity expertise. The only way to fill that gap is to rely more on automation to enable cybersecurity professionals to secure IT environments that become more distributed with each passing day, said Keirstead.

In addition, higher levels of automation will be the only way IT organizations will be able to embrace DevSecOps processes more effectively, he added.

D.J. Long, vice president of business development for McAfee, noted that the formation of the OCA serves to confirm the fact no one IT vendor can address on their own the scope of the cybersecurity challenge organizations face today. Cybersecurity vendors that participate in the OCA will also benefit from shared research and development as they contribute to various open source projects led by OASIS.

Interoperability has been the bane of cybersecurity for as long as any IT professional can remember. Not only do organizations spend inordinate sums of money on integrating cybersecurity point products, but also cybercriminals have become more adept at exploiting the seams between cybersecurity point products. There’s really no reason why multiple cybersecurity platforms should not be able to recognize and respond to the same cybersecurity threats by implementing a common set of controls across any IT environment once interoperability becomes more commonplace.

Naturally, it will be a while before organizations see all the benefits of the joint research and development being conducted under the auspices of OCA. However, IT organizations should be able to count on the fact that the total cost of cybersecurity should decline substantially in the months and years ahead.

Featured eBook
SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters

SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters

SANS threat hunting experts Mathias Fuchs and Joshua Lemon capture the different needs within organizations that are just starting their threat hunting journey, versus those who are honing their skills and programs. Read the report to help grow your program and improve threat hunting with: Definitions of threat hunting Methodologies of performing threat hunting Spending ... Read More
Michael Vizard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 151 posts and counting.See all posts by mike-vizard