OASIS Cyber Threat Intelligence (CTI) TC

Yes I agree it should be part of Outreach but not stand alone.  Doug  Douglas DePeppe, LLM, JD EosEdge Legal Cyberlaw and Services 719.357.8025 This email and any attachments contain information belonging to the sender which may be confidential and legally privileged.  The information is only for the intended recipient.  If you are not the intended recipient, any disclosure, copy, distribution, or action taken in reliance on the contents of the information contained in this transmission is strictly prohibited.  If you have received this transmission in error, promptly inform me and delete the message. Sent from my Mobile

I think we are rapidly coming to consensus on a lot of areas.  This has been a great set of conversations and threads.  Well done everyone. Now lets get the subcommittees formed so we can start working....  I do not want to waste any more time.  Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   On Jun 19, 2015, at 10:35, Doug DePeppe < doug@eosedgelegal.com > wrote: Yes I agree it should be part of Outreach but not stand alone.  Doug  Douglas DePeppe, LLM, JD EosEdge Legal Cyberlaw and Services 719.357.8025 This email and any attachments contain information belonging to the sender which may be confidential and legally privileged.  The information is only for the intended recipient.  If you are not the intended recipient, any disclosure, copy, distribution, or action taken in reliance on the contents of the information contained in this transmission is strictly prohibited.  If you have received this transmission in error, promptly inform me and delete the message. Sent from my Mobile
Original message -------- From: Patrick Maroney Date:06/19/2015 10:30 AM (GMT-07:00) To: Doug DePeppe , Jordan, Bret , cti@lists.oasis-open.org , Richard Struse , Chet Ensign Subject: Re: [cti] Subcommittee - Summary So Far Propose that we can make this a high level strategic objective for the Outreach Committee.  For example, we can engage with those leading related efforts (e.g.,  when/if the DHS contract is awarded to a Standards Body, any similar international initiatives). CTI  (and any other commonly adopted related standards) will play a critical role in the how we interconnect ISACs/ISAOs.  We need to ensure those developing CTI are well informed of issues, opportunities, and key impediments to adoption that can be addressed in the related standards. Patrick Maroney Office: (856)983-0001 Cell: (609)841-5104 pmaroney@specere.org From: cti@lists.oasis-open.org < cti@lists.oasis-open.org > on behalf of Doug DePeppe < doug@eosedgelegal.com > Sent: Friday, June 19, 2015 12:15:20 PM To: Jordan, Bret; cti@lists.oasis-open.org ; Richard Struse; Chet Ensign Subject: RE: [cti] Subcommittee - Summary So Far   I would respectfully dissent from the notion of setting up an ISAO SC. Tony is entirely correct that ISAO is a necessary alliance. However, 1. CTI TC is a distinct OASIS effort with a scope envisioned in a charter. ISAO is an emerging space that still lacks definition.  2. ISAO is distinctly a US concept with related optics issues globally, relative to potentially creating unintended distraction  3. ISAO has its own emerging ecosystem and the TC may lack credibility or become negatively perceived as a result of prematurely moving into this space In lieu of a SC, I propose a liaison relationship to emerging ISAO efforts. This way the TC has a mechanism to remain abreast of related efforts and interests.  Best  Doug Douglas DePeppe, LLM, JD EosEdge Legal Cyberlaw and Services 719.357.8025 This email and any attachments contain information belonging to the sender which may be confidential and legally privileged.  The information is only for the intended recipient.  If you are not the intended recipient, any disclosure, copy, distribution, or action taken in reliance on the contents of the information contained in this transmission is strictly prohibited.  If you have received this transmission in error, promptly inform me and delete the message. Sent from my Mobile

:) +1! Grtz, Raymon van der Velde Intelworks +31 (0)6 5235 4099   www.intelworks.com "I ntelligence powered defence" From: "Jordan, Bret" < bret.jordan@bluecoat.com > Date: Friday 19 June 2015 18:52 To: Doug DePeppe < doug@eosedgelegal.com > Cc: Patrick Maroney < Pmaroney@Specere.org >, " cti@lists.oasis-open.org " < cti@lists.oasis-open.org >, Richard Struse < Richard.Struse@hq.dhs.gov >, Chet Ensign < chet.ensign@oasis-open.org > Subject: Re: [cti] Subcommittee - Summary So Far I think we are rapidly coming to consensus on a lot of areas.  This has been a great set of conversations and threads.  Well done everyone. Now lets get the subcommittees formed so we can start working....  I do not want to waste any more time.  Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."  On Jun 19, 2015, at 10:35, Doug DePeppe < doug@eosedgelegal.com > wrote: Yes I agree it should be part of Outreach but not stand alone.  Doug  Douglas DePeppe, LLM, JD EosEdge Legal Cyberlaw and Services 719.357.8025 This email and any attachments contain information belonging to the sender which may be confidential and legally privileged.  The information is only for the intended recipient.  If you are not the intended recipient, any disclosure, copy, distribution, or action taken in reliance on the contents of the information contained in this transmission is strictly prohibited.  If you have received this transmission in error, promptly inform me and delete the message. Sent from my Mobile
Original message -------- From: Patrick Maroney Date:06/19/2015 10:30 AM (GMT-07:00) To: Doug DePeppe , "Jordan, Bret" , cti@lists.oasis-open.org , Richard Struse , Chet Ensign Subject: Re: [cti] Subcommittee - Summary So Far Propose that we can make this a high level strategic objective for the Outreach Committee.  For example, we can engage with those leading related efforts (e.g.,  when/if the DHS contract is awarded to a Standards Body, any similar international initiatives). CTI  (and any other commonly adopted related standards) will play a critical role in the "how" we interconnect ISACs/ISAOs.  We need to ensure those developing CTI are well informed of issues, opportunities, and key impediments to adoption that can be addressed in the related standards. Patrick Maroney Office: (856)983-0001 Cell: (609)841-5104 pmaroney@specere.org From: cti@lists.oasis-open.org < cti@lists.oasis-open.org > on behalf of Doug DePeppe < doug@eosedgelegal.com > Sent: Friday, June 19, 2015 12:15:20 PM To: Jordan, Bret; cti@lists.oasis-open.org ; Richard Struse; Chet Ensign Subject: RE: [cti] Subcommittee - Summary So Far   I would respectfully dissent from the notion of setting up an ISAO SC. Tony is entirely correct that ISAO is a necessary alliance. However, 1. CTI TC is a distinct OASIS effort with a scope envisioned in a charter. ISAO is an emerging space that still lacks definition.  2. ISAO is distinctly a US concept with related optics issues globally, relative to potentially creating unintended distraction  3. ISAO has its own emerging ecosystem and the TC may lack credibility or become negatively perceived as a result of prematurely moving into this space In lieu of a SC, I propose a liaison relationship to emerging ISAO efforts. This way the TC has a mechanism to remain abreast of related efforts and interests.  Best  Doug Douglas DePeppe, LLM, JD EosEdge Legal Cyberlaw and Services 719.357.8025 This email and any attachments contain information belonging to the sender which may be confidential and legally privileged.  The information is only for the intended recipient.  If you are not the intended recipient, any disclosure, copy, distribution, or action taken in reliance on the contents of the information contained in this transmission is strictly prohibited.  If you have received this transmission in error, promptly inform me and delete the message. Sent from my Mobile
Original message -------- From: "Jordan, Bret" Date:06/19/2015 8:49 AM (GMT-07:00) To: cti@lists.oasis-open.org , Richard Struse , Chet Ensign Subject: [cti] Subcommittee - Summary So Far I missed one, sorry about that Tony.... Rich / Chet,  Based on discussions this is what we have so far, can we get some of these setup for voting so they can get the spaces setup and work can begin? STIX: Co-Chair: Terry MacDonald Co-Chair: (Options are Sean Barnum or Aharon Chernin) TAXII: Co-Chair: Bret Jordan Co-Chair: Marc Davidson CYBOX: Co-Chair: ?? Co-Chair: ?? DATABASE: Co-Chair: Eric Burger Co-Chair: (My option is Jerome Athias would be good here, but that is still open on the list) OUTREACH: Co-Chair: Joep Gommers Co-Chair: Patrick Maroney ISAO Co-Chair: ?? Co-Chair: ?? Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."  Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."