OASIS Cyber Threat Intelligence (CTI) TC

 View Only
  • 1.  Interoperability SC proposal

    Posted 09-08-2015 21:57
    Dear TC members,   I would like to have us move forward on establishing an Interoperability Subcommittee within the CTI TC.   Please review the proposed charter and suggest any changes/additions you see fit.  As far as co-chairs go, I have listed all of the people whose names were mentioned in regards to this SC – if you would like to add your name or propose someone else, please do so.  If your name is on that list and you would prefer to not be considered, just let me know.  My goal is to move this forward this week so please propose all changes by 5PM Eastern Time, Wednesday, September 9 th .   Proposed Charter: The Interoperability SC will help guide adherence to CTI TC-promulgated standards and interoperability between CTI TC standards-based implementations, while encouraging standards maturity throughout the industry. The SC will develop parameters and processes to allow CTI TC members to test/ validate, and where possible measure the maturity of another organization’s implementation. Testing parameters and processes should be straight-forward and objective to provide clear confirmation that minimum standards' requirements have been achieved. Initially, in regard to maturity measurement efforts, the SC will develop guidelines to support a more qualitative review of an implementation.  In addition, the SC will identify opportunities and approaches to promoting interoperability with externally-defined cyber threat intelligence standards and frameworks.   Co-chairs: We will have two co-chairs of this SC.  The following individuals have been mentioned/proposed/nominated: (alphabetical order): David Eilken, Joep Gommers, Patrick Maroney, Tony Rutkowski     Regards, Rich   Richard J. Struse  Chair, OASIS Cyber Threat Intelligence (CTI) Technical Committee   Chief Advanced Technology Officer National Cybersecurity and Communications Integration Center (NCCIC) and Stakeholder Engagement and Cyber Infrastructure Resiliency (SECIR) Cyber Security & Communications U.S. Department of Homeland Security e-mail:  Richard.Struse@dhs.gov Phone:  202-527-2361     Attachment: smime.p7s Description: S/MIME cryptographic signature


  • 2.  FCC's CISRIC and telecom industry "connectedness"

    Posted 09-15-2015 15:05
      |   view attached
    Hi Rich, The FCC's CISRIC (Communications Security, Reliability and Interoperability Council) advisory committee just published the agenda for its 21 Sep 2015 meeting. See attached. Its Working Group 5 is dedicated to "cybersecurity information sharing." and has an expansive set of milestones that significantly encompass the bases for OASIS CTI and its work. However, the agenda evinces no obvious CTI cognizance or engagement. Given the significance of the telecommunication/ internet industry and the importance of its adopting CTI platforms, perhaps some extra outreach is appropriate. best, tony Attachment: Working_GroupCSRICV_080415.pdf Description: Adobe PDF document

    Attachment(s)



  • 3.  Re: [cti] FCC's CISRIC and telecom industry "connectedness"

    Posted 09-15-2015 22:29
    Good idea Tony. It may be something we may be able to align on. It would be good if later versions of TAXII STIX and CybOX covered the scenarios they need as well. I would think that the use cases we are identifying as part of the various SCs will already cover what they would require but it never hurts to ask. Maybe a good first step for the new sub-committee? Cheers Terry MacDonald On 16 Sep 2015 1:04 am, "Tony Rutkowski" < tony@yaanatech.com > wrote: Hi Rich, The FCC's CISRIC (Communications Security, Reliability and Interoperability Council) advisory committee just published the agenda for its 21 Sep 2015 meeting. See attached. Its Working Group 5 is dedicated to "cybersecurity information sharing."  and has an expansive set of milestones that significantly encompass the bases for OASIS CTI and its work.  However, the agenda evinces no obvious CTI cognizance or engagement. Given the significance of the telecommunication/ internet industry and the importance of its adopting CTI platforms, perhaps some extra outreach is appropriate. best, tony --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


  • 4.  Re: [cti] FCC's CISRIC and telecom industry "connectedness"

    Posted 09-16-2015 21:32
    Tony/Terry: I think we should reach out to the three co-chair people of Working Group 5 ( on Cybersecurity Information Sharing ) plus their FCC Liaisons.  I just checked our most up-to-date Roster and none of the companies on the FCC Working Group are represented here on the CTI-TC.  Interesting that they are starting with the Use Case analysis too. Jane Ginn CTIN On 9/15/2015 3:28 PM, Terry MacDonald wrote: Good idea Tony. It may be something we may be able to align on. It would be good if later versions of TAXII STIX and CybOX covered the scenarios they need as well. I would think that the use cases we are identifying as part of the various SCs will already cover what they would require but it never hurts to ask. Maybe a good first step for the new sub-committee? Cheers Terry MacDonald On 16 Sep 2015 1:04 am, Tony Rutkowski < tony@yaanatech.com > wrote: Hi Rich, The FCC's CISRIC (Communications Security, Reliability and Interoperability Council) advisory committee just published the agenda for its 21 Sep 2015 meeting. See attached. Its Working Group 5 is dedicated to cybersecurity information sharing.   and has an expansive set of milestones that significantly encompass the bases for OASIS CTI and its work.  However, the agenda evinces no obvious CTI cognizance or engagement. Given the significance of the telecommunication/ internet industry and the importance of its adopting CTI platforms, perhaps some extra outreach is appropriate. best, tony --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php -- Jane Ginn, MSIA, MRP Cyber Threat Intelligence Network, Inc. jg@ctin.us


  • 5.  Re: [cti] FCC's CISRIC and telecom industry "connectedness"

    Posted 09-16-2015 22:11
    Jane, I am on CSRIC WG 6.   Pete Sent from my iPhone On Sep 16, 2015, at 17:32, JG on CTI-TC < jg@ctin.us > wrote: Tony/Terry: I think we should reach out to the three co-chair people of Working Group 5 ( on Cybersecurity Information Sharing ) plus their FCC Liaisons.  I just checked our most up-to-date Roster and none of the companies on the FCC Working Group are represented here on the CTI-TC.  Interesting that they are starting with the Use Case analysis too. Jane Ginn CTIN On 9/15/2015 3:28 PM, Terry MacDonald wrote: Good idea Tony. It may be something we may be able to align on. It would be good if later versions of TAXII STIX and CybOX covered the scenarios they need as well. I would think that the use cases we are identifying as part of the various SCs will already cover what they would require but it never hurts to ask. Maybe a good first step for the new sub-committee? Cheers Terry MacDonald On 16 Sep 2015 1:04 am, Tony Rutkowski < tony@yaanatech.com > wrote: Hi Rich, The FCC's CISRIC (Communications Security, Reliability and Interoperability Council) advisory committee just published the agenda for its 21 Sep 2015 meeting. See attached. Its Working Group 5 is dedicated to cybersecurity information sharing.   and has an expansive set of milestones that significantly encompass the bases for OASIS CTI and its work.  However, the agenda evinces no obvious CTI cognizance or engagement. Given the significance of the telecommunication/ internet industry and the importance of its adopting CTI platforms, perhaps some extra outreach is appropriate. best, tony --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php -- Jane Ginn, MSIA, MRP Cyber Threat Intelligence Network, Inc. jg@ctin.us


  • 6.  Re: [cti] FCC's CISRIC and telecom industry "connectedness"

    Posted 09-18-2015 02:53
    Hi All: I received this response from Rod Rasmussen of IID. He is one of the Co-Chairs of the CSRIC Working Group on CyberSecurity.  He tried to post directly to the list, but it did not go through. So, he asked me to post this on his behalf.  It is good to see that we are coordinated here with this other important initiative in the telcom sector.  Thanks for bringing it to the group's attention, Tony. Actually, I am here and have been on this list from pretty near the beginning. I thought at least the other companies at least are represented here, but not the other co-chairs themselves.  In any event, as one of the co-chairs, I’m in a good position to ensure the work we do within CSRIC on the data sharing topics reflect the realities going on here and elsewhere.  That actually was one of the concerns all of us as co-chairs had - not re-inventing the wheel, going off in the wrong direction, or getting sucked into things outside the remit CSRIC is working under.  We’re all well aware of the OASIS efforts and I’m sure many of the CSRIC work party members will also be on this list as well.  Things are still formulating and not 100% settled yet with the working group, but we do have the next CSRIC meeting this coming Monday, so more shall be forthcoming shortly.  One of the primary areas that will be covered in the work is “Conduits for Information Sharing” which clearly the work here applies to and it will undoubtedly be a prominent part of the CSRIC work product. Cheers, Rod Rasmussen President & CTO IID       Security Central internetidentity.com +1.253.590.4088 office +1.253.297.0377 mobile On 9/16/2015 2:31 PM, JG on CTI-TC wrote: Tony/Terry: I think we should reach out to the three co-chair people of Working Group 5 ( on Cybersecurity Information Sharing ) plus their FCC Liaisons.  I just checked our most up-to-date Roster and none of the companies on the FCC Working Group are represented here on the CTI-TC.  Interesting that they are starting with the Use Case analysis too. Jane Ginn CTIN On 9/15/2015 3:28 PM, Terry MacDonald wrote: Good idea Tony. It may be something we may be able to align on. It would be good if later versions of TAXII STIX and CybOX covered the scenarios they need as well. I would think that the use cases we are identifying as part of the various SCs will already cover what they would require but it never hurts to ask. Maybe a good first step for the new sub-committee? Cheers Terry MacDonald On 16 Sep 2015 1:04 am, Tony Rutkowski < tony@yaanatech.com > wrote: Hi Rich, The FCC's CISRIC (Communications Security, Reliability and Interoperability Council) advisory committee just published the agenda for its 21 Sep 2015 meeting. See attached. Its Working Group 5 is dedicated to cybersecurity information sharing.   and has an expansive set of milestones that significantly encompass the bases for OASIS CTI and its work.  However, the agenda evinces no obvious CTI cognizance or engagement. Given the significance of the telecommunication/ internet industry and the importance of its adopting CTI platforms, perhaps some extra outreach is appropriate. best, tony --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php -- Jane Ginn, MSIA, MRP Cyber Threat Intelligence Network, Inc. jg@ctin.us -- Jane Ginn, MSIA, MRP Cyber Threat Intelligence Network, Inc. jg@ctin.us