Should we look to existing global standards
for this instead of trying to invent our own vocab or pick one from a country
(or somehow make an amalgam of countries) ? Ref:
https://en.wikipedia.org/wiki/Industry_classification Many possible candidates there, most
free to reference without having to pay ISO. - Jason Keirstead STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security Without data, all you are is just another person with an opinion - Unknown
From:
"Masuoka, Ryusuke"
<
masuoka.ryusuke@jp.fujitsu.com> To:
"'Werntz, Preston'"
<
Preston.Werntz@HQ.DHS.GOV>, Allan Thomson <
athomson@lookingglasscyber.com>,
Bret Jordan <
Bret_Jordan@symantec.com>, Jason Keirstead <
Jason.Keirstead@ca.ibm.com>,
"Thompson, Dean" <
Dean.Thompson@anz.com> Cc:
"'
cti@lists.oasis-open.org'"
<
cti@lists.oasis-open.org>, "Taylor, Marlon" <
Marlon.Taylor@hq.dhs.gov> Date:
11/09/2017 08:41 PM Subject:
RE: [cti] Re:
[EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov Hi, I mentioned this during the F2F in Austin,
but there are thirteen "official" critical infrastructures defined by NISC (
https://www.nisc.go.jp/ )
in Japan - information and communication services - financial services - aviation services - railway services - electric power supply services - gas supply services - government and administrative services
(including municipal government) - medical services - water services - logistics services - chemical industries - credit card services - petroleum industries See
https://www.nisc.go.jp/eng/pdf/actionplan_ci_eng_v3.pdf https://
www.nisc.go.jp/active/infra/outline.html Regards, Ryu P.S. I am not exactly sure why credit card services
is separate from financial services… From:
cti@lists.oasis-open.org [ mailto:
cti@lists.oasis-open.org ]
On Behalf Of Werntz, Preston Sent: Wednesday, November 8, 2017 3:00 AM To: Allan Thomson <
athomson@lookingglasscyber.com>; Bret Jordan
<
Bret_Jordan@symantec.com>; Jason Keirstead <
Jason.Keirstead@ca.ibm.com>;
Thompson, Dean <
Dean.Thompson@anz.com> Cc: '
cti@lists.oasis-open.org' <
cti@lists.oasis-open.org>; Taylor,
Marlon <
Marlon.Taylor@hq.dhs.gov> Subject: RE: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov Very good point Allan. I
was coming at it from a DHS-centric view around the 16 critical infrastructures
we track (
https://www.dhs.gov/critical-infrastructure-sectors )
but if there’s a way that’s not too burdensome to allow for other regions
or countries to annotate it differently, that makes sense. Preston From:
cti@lists.oasis-open.org [ mailto:
cti@lists.oasis-open.org ]
On Behalf Of Allan Thomson Sent: Tuesday, November 7, 2017 11:53 AM To: Bret Jordan <
Bret_Jordan@symantec.com >;
Jason Keirstead <
Jason.Keirstead@ca.ibm.com >;
Thompson, Dean <
Dean.Thompson@anz.com > Cc: '
cti@lists.oasis-open.org' <
cti@lists.oasis-open.org >;
Taylor, Marlon <
Marlon.Taylor@hq.dhs.gov > Subject: Re: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov I think we need to recognize (as others
have pointed out) that some of these sector definitions are region specific. So we might need to consider us_chemical_sector us_dams_sector Australia_energy_sector ……etc. If this introduces too many values in the
ov then we should consider how to resolve the fact that there are differences
across regions in these definitions. Allan From: "
cti@lists.oasis-open.org "
<
cti@lists.oasis-open.org >
on behalf of Bret Jordan <
Bret_Jordan@symantec.com > Date: Tuesday, November 7, 2017 at 8:49 AM To: Jason Keirstead <
Jason.Keirstead@ca.ibm.com >,
"Thompson, Dean" <
Dean.Thompson@anz.com > Cc: "
cti@lists.oasis-open.org "
<
cti@lists.oasis-open.org >,
"Taylor, Marlon" <
Marlon.Taylor@hq.dhs.gov > Subject: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov I will also post these comments and feedback
on the github issue tracker for this. One of the things we tried really hard
to do is make sure that we were not overly verbose with categories. Basically
try and bubble up to a higher level group. However, we probably missed
a few here and there. 1) Chemical Sector - Is this a one off,
or are there others we need to add? If so, is there a higher level
category that we can come up with that contains this?? 2) Commercial Facilities Sector - Can you
give an example of what this would be? 3) Dams Sector - I think this would be
handled by the "Infrastructure", "Energy", or "Utilities"
sector categories 4) Nuclear Reactors, Materials, and Waste
Sector - For the Nuclear Reactors I figured they would be part of "Infrastructure",
"Energy", or "Utilities". Is the Materials /
Waste specific to Nuclear ? If so I might suggest that we make the sector
name just "Nuclear" and not put the various sub elements, because
someone will just ask for one more sub element. 5) Water and Wastewater Systems Sector
- I figured these would go in to "government-public-services"
but I guess Water could also go in to "Infrastructure" depending
on how you viewed it. If we do decide to add any of these, we
should really try to figure out if they are just sub categories of something
else, if so, we should use our adopted standard of toplevelcategory-subcategory
style. Bret From:
cti@lists.oasis-open.org <
cti@lists.oasis-open.org >
on behalf of Jason Keirstead <
Jason.Keirstead@ca.ibm.com > Sent: Tuesday, November 7, 2017 7:17:24 AM To: Thompson, Dean Cc: '
cti@lists.oasis-open.org'; 'Taylor, Marlon' Subject: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov
In North America they're usually owned and
operated by power utilities. - Jason Keirstead STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security Without data, all you are is just another person with an opinion - Unknown
From: "Thompson,
Dean" <
Dean.Thompson@anz.com > To: "'Taylor,
Marlon'" <
Marlon.Taylor@hq.dhs.gov >,
"'
cti@lists.oasis-open.org'" <
cti@lists.oasis-open.org > Date: 11/07/2017
06:42 AM Subject: [cti]
RE: Suggested Additions to industry-sector-ov Sent by: <
cti@lists.oasis-open.org > Hi!, One quick one, but are “Dam’s” a subset of the “Water” sector. I
know in Australia we treat it like this. Regards, Dean From:
cti@lists.oasis-open.org [ mailto:
cti@lists.oasis-open.org ]
On Behalf Of Taylor, Marlon Sent: Tuesday, 7 November 2017 5:36 AM To:
cti@lists.oasis-open.org Subject: [cti] Suggested Additions to industry-sector-ov Hi TC, During the October F2F the omissions of specific some critical infrastructure
was discussed and it was suggested to open a github issue to add those
items to the industry-sector-ov. This change adds support for sectors not
previously included and does not have a negative impact on the existing
sectors. GITHUB LINK:
https://github.com/oasis-tcs/cti-stix2/issues/34 Are there any objections to including the resolution of this item into
2.1? Marlon Taylor Technology Services Section National Cybersecurity & Communications Integration Center (NCCIC) U.S. Department of Homeland Security "This e-mail and any attachments to
it (the "Communication") is, unless otherwise stated, confidential,
may contain copyright material and is for the use only of the intended
recipient. If you receive the Communication in error, please notify the
sender immediately by return e-mail, delete the Communication and the return
e-mail, and do not read, copy, retransmit or otherwise deal with it. Any
views expressed in the Communication are those of the individual sender
only, unless expressly stated to be those of Australia and New Zealand
Banking Group Limited ABN 11 005 357 522, or any of its related entities
including ANZ Bank New Zealand Limited (together "ANZ"). ANZ
does not accept liability in connection with the integrity of or errors
in the Communication, computer virus, data corruption, interference or
delay arising from or in respect of the Communication."