"OCSF Promises to Advance Cybersecurity Data Sharing"

An Open Cybersecurity Schema Framework (OCSF) unveiled at the Black Hat USA 2022 conference promises to address long-standing data sharing issues that limit the effectiveness of cybersecurity teams while increasing overall costs. The OCSF, led by Amazon Web Services (AWS), Splunk, and IBM, is the latest industry effort to address interoperability. CrowdStrike, Rapid7, Palo Alto Networks, Cloudflare, DTEX Systems, IronNet Inc., JupiterOne, Okta, Salesforce, Securonix, Sumo Logic, Tanium, Zscaler Inc., and Trend Micro have all pledged their support for the OCSF initiative. A recent survey of 280 cybersecurity professionals conducted on behalf of the Information Systems Security Association (ISSA) by the research firm Enterprise Strategy Group (ESG) found that more than three-quarters of respondents (77 percent) want to see more industry cooperation and support for open standards to promote interoperability. Of the respondents, 83 percent said future technology interoperability is dependent on industry standards, and 84 percent said integration capabilities are important. A total of 86 percent believe that best-of-breed products should have built-in integration with other products. According to the survey, product integration capabilities (37 percent) are the most important security product consideration after cost (46 percent). The underlying issue is that every cybersecurity tool or platform generates data in a proprietary format. Before interrogating the data to uncover illegal activity and potential threats, security operations teams must first normalize it. The amount of time, money, and effort that cybersecurity teams put into such efforts is often significant. When that task is not completed, it becomes more difficult to correlate activity across a layered approach to cybersecurity involving multiple tools and platforms. Many organizations are attempting to reduce the number of security tools and platforms they use to make cybersecurity data easier to correlate. This article continues to discuss the support and purpose behind the OCSF. 

Security Boulevard reports "OCSF Promises to Advance Cybersecurity Data Sharing"