Tech companies collaborate to build cybersecurity framework
18 tech companies have joined together to build a common data standard for sharing cybersecurity information and integrating cyber products.
The group, which includes Amazon's AWS cloud business, cybersecurity firm Splunk Inc, Palo Alto Networks Inc and International Business Machines Corp.’s security unit, launched the Open Cybersecurity Schema Framework (OCSF) at the Black Hat USA cybersecurity conference in Las Vegas this week.
Patrick Coughlin, Splunk’s group vice president of the security market, told the Wall Street Journal: “Products and services that support the OCSF specifications would be able to collate and standardise alerts from different cyber monitoring tools, network loggers and other software, to simplify and speed up the interpretation of that data.”
The framework aims to solve a long-standing problem for chief information security officers, whereby they are forced to manually integrate data and build several dashboards in order to monitor cyber security and gain a thorough overview of what’s going on.
According to a survey from the Information Systems Security Association and TechTarget Inc, over three-quarters of 280 security professionals surveyed said they wanted vendors to build open standards into their products to enable interoperability.
Other companies involved in the initiative include CrowdStrike Holdings Inc., Rapid7 Inc., Cloudflare Inc., DTEX Systems Inc., IronNet Inc., JupiterOne Inc., Okta Inc., Salesforce Inc., Securonix Inc., Sumo Logic Inc., Tanium Inc., Zscaler Inc. and Trend Micro Inc.
Chris Niggel, regional chief security officer for the Americas at identity management firm Okta, said that providers working on the initial edition of OCSF expect it to be incorporated into their products over the coming months. Niggel added that uniting data regarding potential hacking activity in one format will enable internal teams working on cybersecurity to recognise risks earlier.
Niggel said that Okta's internal team utilises a range of different cloud services, HR and comms tools, saying: "“Our incident response team has to normalize all that information so they can see what’s happening."