OASIS Cyber Threat Intelligence (CTI) TC

  • 1.  What kind of STIX, TAXII, CybOX training do you need?

    Posted 12-15-2015 15:52
          OASIS STIX, TAXII, CybOX Training Survey           Your response to this brief survey will help OASIS craft a 2016 STIX training program that meets the needs of developers, producers, and consumers of cyber threat intelligence. The survey will take less than five minutes of your time. (You are welcome to respond anonymously, but if you choose to identify yourself, your contact information will not be shared and you will be entitled to a 10% discount off any training OASIS offers in 2016.) Thank you for your participation!       Begin Survey              


  • 2.  US Cybersecurity Act of 2015

    Posted 12-17-2015 14:10
      |   view attached
    It will not be definitive until tomorrow, but it appears as if the Cybersecurity Act of 2015 may actually become U.S. law. It is embedded in the government funding bill to "assist" its passage. The provisions are buried in that bill. An extract is provided here. It has a *very* significant nexus to CTI work - resonating in a positive way with the activities of CTI. --tony Attachment: CPRT-114-HPRT-RU00-SAHR2029-AMNT1final_cybersecurity.pdf Description: Adobe PDF document


  • 3.  RE: [cti] US Cybersecurity Act of 2015

    Posted 12-17-2015 15:06
    Yeah. Hanging the conference committees version of the previously passed house /senate bills on the the legislative Christmas tree' that is the Omnibus is a high percentage way of making it law. Finally....


    Sent from my Windows Phone
    ________________________________
    From: Tony Rutkowski<mailto:tony@yaanatech.com>
    Sent: ?12/?17/?2015 9:10 AM
    To: cti@lists.oasis-open.org<mailto:cti@lists.oasis-open.org>; cti-users@lists.oasis-open.org<mailto:cti-users@lists.oasis-open.org>
    Subject: [cti] US Cybersecurity Act of 2015

    It will not be definitive until tomorrow, but
    it appears as if the Cybersecurity Act of 2015
    may actually become U.S. law. It is embedded
    in the government funding bill to "assist" its
    passage. The provisions are buried in that
    bill. An extract is provided here.

    It has a *very* significant nexus to CTI work
    - resonating in a positive way with the activities
    of CTI.

    --tony



  • 4.  RE: [cti] US Cybersecurity Act of 2015

    Posted 12-17-2015 15:07
    Yeah. Hanging the conference committees  version of the previously passed house /senate bills on the the legislative Christmas tree' that is the Omnibus is a high percentage way of making it law.  Finally.... Sent from my Windows Phone From: Tony Rutkowski Sent: ?12/?17/?2015 9:10 AM To: cti@lists.oasis-open.org ; cti-users@lists.oasis-open.org Subject: [cti] US Cybersecurity Act of 2015 It will not be definitive until tomorrow, but it appears as if the Cybersecurity Act of 2015 may actually become U.S. law.  It is embedded in the government funding bill to "assist" its passage.  The provisions are buried in that bill.  An extract is provided here. It has a *very* significant nexus to CTI work - resonating in a positive way with the activities of CTI. --tony


  • 5.  RE: [cti] US Cybersecurity Act of 2015

    Posted 12-17-2015 18:31
    Hard to process everything at once, but I appreciate this bit:

    (g) AUTOMATED INFORMATION SHARING.— (1) IN GENERAL.—The Under Secretary appointed under section 103(a)(1)(H), in coordination with industry and other stakeholders, shall develop capabilities making use of existing information technology industry standards and best practices, as appropriate, that support and rapidly advance the development, adoption, and implementation of automated mechanisms for the sharing of cyber threat indicators and defensive measures in accordance with title I of the Cybersecurity Act of 2015.

    Thanks,

    Alex

    From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Mark Clancy
    Sent: Thursday, December 17, 2015 10:06 AM
    To: tony@yaanatech.com; cti@lists.oasis-open.org; cti-users@lists.oasis-open.org
    Subject: RE: [cti] US Cybersecurity Act of 2015

    Yeah. Hanging the conference committees version of the previously passed house /senate bills on the the legislative Christmas tree' that is the Omnibus is a high percentage way of making it law. Finally....


    Sent from my Windows Phone
    ________________________________
    From: Tony Rutkowski<mailto:tony@yaanatech.com>
    Sent: ?12/?17/?2015 9:10 AM
    To: cti@lists.oasis-open.org<mailto:cti@lists.oasis-open.org>; cti-users@lists.oasis-open.org<mailto:cti-users@lists.oasis-open.org>
    Subject: [cti] US Cybersecurity Act of 2015
    It will not be definitive until tomorrow, but
    it appears as if the Cybersecurity Act of 2015
    may actually become U.S. law. It is embedded
    in the government funding bill to "assist" its
    passage. The provisions are buried in that
    bill. An extract is provided here.

    It has a *very* significant nexus to CTI work
    - resonating in a positive way with the activities
    of CTI.

    --tony

    ----------------------------------------------------------------------
    This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.



  • 6.  RE: [cti] US Cybersecurity Act of 2015

    Posted 12-17-2015 18:32
    Hard to process everything at once, but I appreciate this bit:   (g) A UTOMATED I NFORMATION S HARING .— (1) I N GENERAL .—The Under Secretary appointed under section 103(a)(1)(H), in coordination with industry and other stakeholders, shall develop capabilities making use of existing information technology industry standards and best practices, as appropriate, that support and rapidly advance the development, adoption, and implementation of automated mechanisms for the sharing of cyber threat indicators and defensive measures in accordance with title I of the Cybersecurity Act of 2015.   Thanks,   Alex   From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Mark Clancy Sent: Thursday, December 17, 2015 10:06 AM To: tony@yaanatech.com; cti@lists.oasis-open.org; cti-users@lists.oasis-open.org Subject: RE: [cti] US Cybersecurity Act of 2015   Yeah. Hanging the conference committees  version of the previously passed house /senate bills on the the legislative Christmas tree' that is the Omnibus is a high percentage way of making it law.  Finally.... Sent from my Windows Phone From: Tony Rutkowski Sent: ?12/?17/?2015 9:10 AM To: cti@lists.oasis-open.org ; cti-users@lists.oasis-open.org Subject: [cti] US Cybersecurity Act of 2015 It will not be definitive until tomorrow, but it appears as if the Cybersecurity Act of 2015 may actually become U.S. law.  It is embedded in the government funding bill to "assist" its passage.  The provisions are buried in that bill.  An extract is provided here. It has a *very* significant nexus to CTI work - resonating in a positive way with the activities of CTI. --tony This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.