OASIS Cyber Threat Intelligence (CTI) TC

CTI-TC: One suggestion was made to merge CybOX with the STIX Sub-Committee, but it was pointed out that a separate CybOX Sub-Committee is part of the Charter. Please add comments, nominations on CybOX on this thread. Jane Ginn CTIN

Hi!, Not sure if anyone else has commented on this thread/discussion, but I think it would be worthwhile to have Cybox sub-committee separate from the STIX sub-committee. There is development that we could do with CyBox objects which is totally independent from STIX, so I am not sure that in the efforts of being able to progress both at a rapid pace, that having them together would be beneficial. Having said that, I think it is important that all the sub-committees especially STIX/TAXII/CyBox are interwoven in some manner, to ensure they do not go off track and cause compatibility problems, however this is something that I am sure the overall membership would be watching out for, after all we all have a common interest in wanting to make this work. Regards, Dean
Original Message----- From: cti@lists.oasis-open.org [ mailto:cti@lists.oasis-open.org ] On Behalf Of jg@ctin.us Sent: Friday, 19 June 2015 6:38 AM To: cti@lists.oasis-open.org Subject: [cti] CybOX Sub-Committee Nominations/Discussion CTI-TC: One suggestion was made to merge CybOX with the STIX Sub-Committee, but it was pointed out that a separate CybOX Sub-Committee is part of the Charter. Please add comments, nominations on CybOX on this thread. Jane Ginn CTIN --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php This e-mail and any attachments to it (the "Communication") is, unless otherwise stated, confidential, may contain copyright material and is for the use only of the intended recipient. If you receive the Communication in error, please notify the sender immediately by return e-mail, delete the Communication and the return e-mail, and do not read, copy, retransmit or otherwise deal with it. Any views expressed in the Communication are those of the individual sender only, unless expressly stated to be those of Australia and New Zealand Banking Group Limited ABN 11 005 357 522, or any of its related entities including ANZ Bank New Zealand Limited (together "ANZ"). ANZ does not accept liability in connection with the integrity of or errors in the Communication, computer virus, data corruption, interference or delay arising from or in respect of the Communication.

HI Dean,  One note on your caveat - typically, each SC reports back on its work and progress to the monthly meetings of the overall TC. That is one way to keep track of its progress and direction.  Second, the SC can only approve presenting its work back to the TC as a whole. It is the full TC that ultimately votes to approve the work, so if an SC did go off on a crazy tangent, the TC could send send it back and say "Please go back and try again" or something like that.  /chet  On Thu, Jun 18, 2015 at 8:19 PM, Thompson, Dean < Dean.Thompson@anz.com > wrote: Hi!, Not sure if anyone else has commented on this thread/discussion, but I think it would be worthwhile to have Cybox sub-committee separate from the STIX sub-committee.  There is development that we could do with CyBox objects which is totally independent from STIX, so I am not sure that in the efforts of being able to progress both at a rapid pace, that having them together would be beneficial. Having said that, I think it is important that all the sub-committees especially STIX/TAXII/CyBox are interwoven in some manner, to ensure they do not go off track and cause compatibility problems, however this is something that I am sure the overall membership would be watching out for, after all we all have a common interest in wanting to make this work. Regards, Dean
Original Message----- From: cti@lists.oasis-open.org [mailto: cti@lists.oasis-open.org ] On Behalf Of jg@ctin.us Sent: Friday, 19 June 2015 6:38 AM To: cti@lists.oasis-open.org Subject: [cti] CybOX Sub-Committee Nominations/Discussion CTI-TC: One suggestion was made to merge CybOX with the STIX Sub-Committee, but it was pointed out that a separate CybOX Sub-Committee is part of the Charter. Please add comments, nominations on CybOX on this thread. Jane Ginn CTIN --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php This e-mail and any attachments to it (the "Communication") is, unless otherwise stated, confidential, may contain copyright material and is for the use only of the intended recipient. If you receive the Communication in error, please notify the sender immediately by return e-mail, delete the Communication and the return e-mail, and do not read, copy, retransmit or otherwise deal with it. Any views expressed in the Communication are those of the individual sender only, unless expressly stated to be those of Australia and New Zealand Banking Group Limited ABN 11 005 357 522, or any of its related entities including ANZ Bank New Zealand Limited (together "ANZ"). ANZ does not accept liability in connection with the integrity of or errors in the Communication, computer virus, data corruption, interference or delay arising from or in respect of the Communication. -- /chet  ---------------- Chet Ensign Director of Standards Development and TC Administration  OASIS: Advancing open standards for the information society http://www.oasis-open.org Primary: +1 973-996-2298 Mobile: +1 201-341-1393 

Whole-heartedly agree, Dean. The primary reason behind my earlier suggestion to merge the two standards under one committee was a fear that human politics being what it is, putting two standards under separate subcommittees would result in diverging/redundant/uncoordinated standards. In light of Chet's clarification regarding the roles and responsibilities of the subcommittees vis-a-vis the parent TC, I respectfully rescind my earlier proposal to merge them under one subcommittee and trust in the OASIS process. If elected to the CybOX subcommittee, my two primary concerns will be: 0) Balancing future CybOX development between the needs of the community (including, to a lessor extent, non-OASIS standards like MAEC) and the strategies adopted by the STIX subcommittee. 1) Ferreting out redundancies between the two standards and resisting the proliferation of needless complexities in CybOX as a data format.   Cheers, Trey -- Trey Darley Senior Security Engineer Soltra An FS-ISAC & DTCC Company www.soltra.com From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Chet Ensign <chet.ensign@oasis-open.org> Sent: Friday, June 19, 2015 17:31 To: Thompson, Dean Cc: cti@lists.oasis-open.org Subject: Re: [cti] CybOX Sub-Committee Nominations/Discussion   HI Dean,  One note on your caveat - typically, each SC reports back on its work and progress to the monthly meetings of the overall TC. That is one way to keep track of its progress and direction.  Second, the SC can only approve presenting its work back to the TC as a whole. It is the full TC that ultimately votes to approve the work, so if an SC did go off on a crazy tangent, the TC could send send it back and say "Please go back and try again" or something like that.  /chet  On Thu, Jun 18, 2015 at 8:19 PM, Thompson, Dean < Dean.Thompson@anz.com > wrote: Hi!, Not sure if anyone else has commented on this thread/discussion, but I think it would be worthwhile to have Cybox sub-committee separate from the STIX sub-committee.  There is development that we could do with CyBox objects which is totally independent from STIX, so I am not sure that in the efforts of being able to progress both at a rapid pace, that having them together would be beneficial. Having said that, I think it is important that all the sub-committees especially STIX/TAXII/CyBox are interwoven in some manner, to ensure they do not go off track and cause compatibility problems, however this is something that I am sure the overall membership would be watching out for, after all we all have a common interest in wanting to make this work. Regards, Dean
Original Message----- From: cti@lists.oasis-open.org [mailto: cti@lists.oasis-open.org ] On Behalf Of jg@ctin.us Sent: Friday, 19 June 2015 6:38 AM To: cti@lists.oasis-open.org Subject: [cti] CybOX Sub-Committee Nominations/Discussion CTI-TC: One suggestion was made to merge CybOX with the STIX Sub-Committee, but it was pointed out that a separate CybOX Sub-Committee is part of the Charter. Please add comments, nominations on CybOX on this thread. Jane Ginn CTIN --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php This e-mail and any attachments to it (the "Communication") is, unless otherwise stated, confidential, may contain copyright material and is for the use only of the intended recipient. If you receive the Communication in error, please notify the sender immediately by return e-mail, delete the Communication and the return e-mail, and do not read, copy, retransmit or otherwise deal with it. Any views expressed in the Communication are those of the individual sender only, unless expressly stated to be those of Australia and New Zealand Banking Group Limited ABN 11 005 357 522, or any of its related entities including ANZ Bank New Zealand Limited (together "ANZ"). ANZ does not accept liability in connection with the integrity of or errors in the Communication, computer virus, data corruption, interference or delay arising from or in respect of the Communication. -- /chet  ---------------- Chet Ensign Director of Standards Development and TC Administration  OASIS: Advancing open standards for the information society http://www.oasis-open.org Primary: +1 973-996-2298 Mobile: +1 201-341-1393