More than a dozen cybersecurity companies are working on a single, open standard for sharing data about hacking threats, a project that will help organizations detect cyberattacks more quickly.
The initiative, where Amazon (AMZN), Cloudflare, CrowdStrike, IBM (IBM), Okta, and Salesforce (CRM) are involved, aims to address a critical bottleneck in threat information sharing: the various data formats currently used across multiple cybersecurity tools and products.
According to the companies, this mismatch can lead to delays in determining how a cyberattack is unfolding because data from one tool frequently needs to be converted into a compatible format before it can be used with another tool and according to Mark Ryland, a top cybersecurity executive at Amazon Web Services (AWS), this can make analyzing the underlying threat data more difficult.
“Having a holistic view of security-related data across tools is essential for customers to effectively detect, investigate and mitigate security issues… Customers tell us that their security teams are spending too much time and energy normalizing data across different tools rather than being able to focus on analyzing and responding to risks.” said Ryland in a release.
Consequently, the Open Cybersecurity Schema Framework, the new standard, was announced Tuesday at the Black Hat cybersecurity conference in Las Vegas. AWS, the cybersecurity firm Symantec, and a data analysis company Splunk are leading the project.
The initiative comes at a time when the Biden administration has increased its outreach to the private sector in the hopes of protecting critical infrastructure and other US assets from a wave of cyberattacks.
“The OCSF initiative is truly unprecedented… Normalizing data prior to ingestion has been one of the biggest pain points for security professionals, and the universal framework proposed by the OCSF, powered by a common domain knowledge across several security vendors, simplifies this time-consuming step, ultimately enabling better and stronger security for all.” said Erkang Zheng, CEO of the cybersecurity firm JupiterOne, in a release.
Furthermore, aside from addressing cyberattacks, US officials also announced last month about the filling of hundreds of thousands of vacant cybersecurity jobs, describing the talent shortage as a national security challenge as well as an economic opportunity for the middle class.