IBM, McAfee and international consortium OASIS are coming together to offer the world a way to develop open source security technologies.
The diversity of cyberthreats has never been greater as our digital landscape grows to encompass more of our lives. There are hundreds of competing security solutions but little integration considering how many people deploy more than one system.
That's about to change as dozens of tech companies have joined together to create the Open Cybersecurity Alliance, which is an effort to share security solutions and increase mutually beneficial security cooperation.
SEE: Special report: A winning strategy for cybersecurity (free PDF) (TechRepublic Premium)
The group aims to bring ideas and solutions from people across the world into their open source platform. The goal is to facilitate the exchange of information, insights, analytics, and orchestrated responses through the development of open source security technologies.
"Today, organizations struggle without a standard language when sharing data between products and tools," said Carol Geyer, chief development officer of OASIS. "We have seen efforts emerge to foster data exchange, but what has been missing is the ability for each tool to transmit and receive these messages in a standardized format, resulting in more expensive and time-consuming integration costs. The aim of the OCA is to accelerate the open sharing concept making it easier for enterprises to manage and operate."
One of the key realizations of the initiative is the time wasted on connection and integration that could be better spent creating tools to directly address pertinent security issues. With this newfound integration, the organizations hope to "develop protocols and standards which enable tools to work together and share information across vendors.
"The aim is to simplify the integration of security technologies across the threat lifecycle – from threat hunting and detection to analytics, operations, and response -- so that products can work together out of the box," OASIS added in their statement.
In addition to IBM Security and McAfee, the Alliance includes Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient and Tufin.
The Open Cybersecurity Alliance will create a new "set of open source content, code, tools, patterns, and practices" that allow the companies to share information and solutions to situations. The sharing of insights will help all of the companies better prepare for future cyberattacks and increase the industry's visibility in the threat landscape.
"When security teams are constantly spending their time manually integrating tools and maintaining those integrations, it's not helping anyone other than the attackers," said Jason Keirstead, chief architect at IBM Security Threat Management. "The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted set of standards and code."
IBM Security is contributing "STIX-Shifter," an open source library that can "identify information about potential threats within a wide variety of data repositories and translate it into a format that can be digested and analyzed by any security tool that has this standard enabled."
The underlying goal of IBM's library is to give security companies a universal security system through the creation of a standardized cybersecurity data model. In addition to IBM's efforts, McAfee added in their OpenDXL Standard Ontology, a cybersecurity messaging format.
"Attackers maximize damage by sharing data with one another. Our best defense strategy is to share data too," said D.J. Long, vice president of business development at McAfee.
"The OCA creed is 'Integrate once, reuse everywhere' which builds upon McAfee's open philosophy that led to the OpenDXL project in 2016," Long continued. "Organizations will be able to seamlessly exchange data between products and tools from any provider that adopts the OCA project deliverables. We're looking at the potential for unprecedented real-time security intelligence."
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)