OASIS Cyber Threat Intelligence (CTI) TC

In North America they're usually owned
and operated by power utilities. - Jason Keirstead STSM, Product Architect, Security Intelligence, IBM Security Systems www.ibm.com/security Without data, all you are is just another person with an opinion - Unknown
From:      
  "Thompson, Dean"
<Dean.Thompson@anz.com> To:      
  "'Taylor, Marlon'"
<Marlon.Taylor@hq.dhs.gov>, "'cti@lists.oasis-open.org'"
<cti@lists.oasis-open.org> Date:      
  11/07/2017 06:42 AM Subject:    
    [cti] RE: Suggested
Additions to industry-sector-ov Sent by:    
    <cti@lists.oasis-open.org>   Hi!,   One quick one, but are
“Dam’s” a subset of the “Water” sector.  I know in Australia
we treat it like this.   Regards,   Dean   From: cti@lists.oasis-open.org [ mailto:cti@lists.oasis-open.org ]
On Behalf Of Taylor, Marlon Sent: Tuesday, 7 November 2017 5:36 AM To: cti@lists.oasis-open.org Subject: [cti] Suggested Additions to industry-sector-ov   Hi TC,   During the October F2F the omissions
of specific some critical infrastructure was discussed and it was suggested
to open a github issue to add those items to the industry-sector-ov. This
change adds support for sectors not previously included and does not have
a negative impact on the existing sectors.   GITHUB LINK: https://github.com/oasis-tcs/cti-stix2/issues/34   Are there any objections to including
the resolution of this item into 2.1?     Marlon Taylor Technology Services Section National Cybersecurity & Communications Integration Center (NCCIC) U.S. Department of Homeland Security   "This e-mail and any attachments to it (the "Communication")
is, unless otherwise stated, confidential, may contain copyright material
and is for the use only of the intended recipient. If you receive the Communication
in error, please notify the sender immediately by return e-mail, delete
the Communication and the return e-mail, and do not read, copy, retransmit
or otherwise deal with it. Any views expressed in the Communication are
those of the individual sender only, unless expressly stated to be those
of Australia and New Zealand Banking Group Limited ABN 11 005 357 522,
or any of its related entities including ANZ Bank New Zealand Limited (together
"ANZ"). ANZ does not accept liability in connection with the
integrity of or errors in the Communication, computer virus, data corruption,
interference or delay arising from or in respect of the Communication."

I will also post these comments and feedback on the github issue tracker for this. One of the things we tried really hard to do is make sure that we were not overly verbose with categories. Basically try and bubble up to a higher level group.  However, we probably missed a few here and there. 1)  Chemical Sector - Is this a one off, or are there others we need to add?  If so, is there a higher level category that we can come up with that contains this?? 2)  Commercial Facilities Sector - Can you give an example of what this would be? 3)  Dams Sector - I think this would be handled by the "Infrastructure", "Energy", or "Utilities" sector categories 4)  Nuclear Reactors, Materials, and Waste Sector - For the Nuclear Reactors I figured they would be part of  "Infrastructure",  "Energy", or "Utilities".  Is the Materials / Waste specific to Nuclear ? If so I might suggest that we make the sector name just "Nuclear" and not put the various sub elements, because someone will just ask for one more sub element.  5)  Water and Wastewater Systems Sector - I figured these would go in to " government-public-services" but I guess Water could also go in to "Infrastructure" depending on how you viewed it. If we do decide to add any of these, we should really try to figure out if they are just sub categories of something else, if so, we should use our adopted standard of toplevelcategory-subcategory style.  Bret From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Jason Keirstead <Jason.Keirstead@ca.ibm.com> Sent: Tuesday, November 7, 2017 7:17:24 AM To: Thompson, Dean Cc: 'cti@lists.oasis-open.org'; 'Taylor, Marlon' Subject: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov   In North America they're usually owned and operated by power utilities. - Jason Keirstead STSM, Product Architect, Security Intelligence, IBM Security Systems www.ibm.com/security Without data, all you are is just another person with an opinion - Unknown From:         "Thompson, Dean" <Dean.Thompson@anz.com> To:         "'Taylor, Marlon'" <Marlon.Taylor@hq.dhs.gov>, "'cti@lists.oasis-open.org'" <cti@lists.oasis-open.org> Date:         11/07/2017 06:42 AM Subject:         [cti] RE: Suggested Additions to industry-sector-ov Sent by:         <cti@lists.oasis-open.org>   Hi!,   One quick one, but are “Dam’s” a subset of the “Water” sector.  I know in Australia we treat it like this.   Regards,   Dean   From: cti@lists.oasis-open.org [ mailto:cti@lists.oasis-open.org ] On Behalf Of Taylor, Marlon Sent: Tuesday, 7 November 2017 5:36 AM To: cti@lists.oasis-open.org Subject: [cti] Suggested Additions to industry-sector-ov   Hi TC,   During the October F2F the omissions of specific some critical infrastructure was discussed and it was suggested to open a github issue to add those items to the industry-sector-ov. This change adds support for sectors not previously included and does not have a negative impact on the existing sectors.   GITHUB LINK: https://github.com/oasis-tcs/cti-stix2/issues/34   Are there any objections to including the resolution of this item into 2.1?     Marlon Taylor Technology Services Section National Cybersecurity & Communications Integration Center (NCCIC) U.S. Department of Homeland Security   "This e-mail and any attachments to it (the "Communication") is, unless otherwise stated, confidential, may contain copyright material and is for the use only of the intended recipient. If you receive the Communication in error, please notify the sender immediately by return e-mail, delete the Communication and the return e-mail, and do not read, copy, retransmit or otherwise deal with it. Any views expressed in the Communication are those of the individual sender only, unless expressly stated to be those of Australia and New Zealand Banking Group Limited ABN 11 005 357 522, or any of its related entities including ANZ Bank New Zealand Limited (together "ANZ"). ANZ does not accept liability in connection with the integrity of or errors in the Communication, computer virus, data corruption, interference or delay arising from or in respect of the Communication."