More than a dozen companies are developing a single standard to rapidly detect cyberattacks

initiative, which includes Amazon (AMZN)Cloudflare, Crowdstrike, IBM (IBM)Octa and Salesforce (CRM)Among others, it aims to address a critical bottleneck in the sharing of threat information: the disparate data formats currently in use across multiple cybersecurity tools and products.

According to the companies, that incompatibility can cause delays in understanding how a cyberattack unfolds because data from one device must be converted into a compatible format to work with another device. That could hamper analysis of underlying threat data, said Mark Ryland, a top cybersecurity executive at Amazon Web Services (AWS), Amazon’s cloud computing arm.

“Having a holistic view of security-related data across tools is essential for customers to effectively detect, investigate and mitigate security issues,” Ryland said in the release. “Customers tell us their security teams are spending more time and energy normalizing data across disparate devices than focusing on analyzing and responding to threats.”

The new standard — called the Open Cybersecurity Schema Framework — was announced Tuesday at the Black Hat Cybersecurity conference in Las Vegas. The project is being led by AWS, cybersecurity firm Symantec and Splunk, a data analytics company.

“The OCSF initiative is truly unprecedented,” Erkong Zheng, CEO of cybersecurity firm JupiterOne, said in a release. “Normalizing data before consumption is one of the biggest pain points for security professionals, and the universal framework proposed by OCSF, driven by common domain knowledge across multiple security vendors, simplifies this time-consuming step, ultimately leading to better and stronger security for all.”

The initiative comes as the Biden administration has reached out to the private sector in hopes of protecting critical infrastructure and other US assets from a wave of cyberattacks. Last month, US officials announced efforts to fill hundreds of thousands of vacant cybersecurity jobs, describing the talent shortage as both a national security challenge and an economic opportunity for the middle class.

Source link

Leave a Comment