More than a dozen companies in the cybersecurity space are working on a single, open standard for sharing data about hacking threats, a project the companies say could help organizations detect cyberattacks more quickly.
Cloudflare, Crowdstrike, Okta and others want to solve a bottleneck in the sharing of threat information: The different data formats are currently used in multiple cybersecurity tools and products. The initiative aims to solve a bottleneck in the sharing of threat information by Cloudflare, Crowdstrike, Okta, and other data formats that are currently used in multiple cybersecurity tools and products.
A mismatch between a tool and another tool can cause delays in understanding how a cyberattack can be unfolding, because data from one tool must be converted into a compatible format to work with another tool, according to the companies. That can hinder analysis of the threat data, said Mark Ryland, a top cybersecurity executive at Amazon Web Services, Amazon's cloud computing arm.
In a release by Ryland, customers tell us that their security teams are spending too much time and energy normalizing data across different tools rather than being able to respond to security issues, and that they need to have a holistic view of security related data across tools in order to detect, investigate and mitigate security issues. The Open Security Schema Framework, known as the Open Cybersecurity Schema Framework, was announced Tuesday at the Black Hat cybersecurity conference in Las Vegas.
In a release, Erkang Zheng, CEO of the JupiterOne cybersecurity firm, said the OCSF initiative is truly unprecedented. Normalizing data prior to ingestion has been one of the biggest pain points for security professionals and the universal framework proposed by the OCSF, powered by common domain knowledge across several security vendors, simplifies this time-consuming step, ultimately enabling better and stronger security for all. The Biden administration has increased outreach to the private sector in hopes of protecting critical infrastructure and other US assets from a wave of cyberattacks. Last month, US officials announced that they would fill hundreds of thousands of vacant cybersecurity jobs, describing the talent shortage as both a national security challenge and an economic opportunity for the middle class.