IBM, McAfee, and 16 other companies have launched an initiative designed to tackle fragmentation and interoperability problems in the cybersecurity space.
As cyberthreats have become frequent aspects of our lives -- whether related to the risk of fraud and identity theft in the consumer realm or state-sponsored attacks launched against enterprise companies and critical service providers -- the product range on offer has increased in quantity and variety.
Traditional signature-based antivirus software, endpoint protection, cloud-based scanners, open source systems, and solutions formed from early machine-learning (ML) technologies are only some descriptors used for existing products, but with such an increase, fragmentation has become inevitable.
According to AttackIQ and the Ponemon Institute, an average enterprise firm will deploy up to 47 cybersecurity tools and invest $18.4 million on an annual basis, but monitoring and achieving ROI is problematic.
On Tuesday, a plethora of cybersecurity firms announced a new initiative to connect market products, as well as potentially improve interoperability and data-sharing practices.
Led by IBM and McAfee, the new scheme has been launched officially through the OASIS international consortium. Advanced Cyber Security Corp, Corsa, CyberArk, Cybereason, DFLabs, Crowdstrike, Electric Power Research Institute, EclecticIQ, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, Threat Quotient, and Tufin have all joined.
Known as the Open Cybersecurity Alliance (OCA), each company will lend cybersecurity resources -- whether threat insight, code, or expertise -- in a bid to "develop open source security technologies which can freely exchange information, insights, analytics, and
OCA will focus on the development of open source content, code, tooling, practices, and patterns for improving the interoperability of cybersecurity solutions. In addition, the firms will work on ways to bolster information sharing across vendors and their product lines.
It is hoped that by encouraging companies to adopt open source options able to integrate standalone products effectively, the enterprise will benefit through visibility improvements, the reduction of vendor lock-in, and increased data sharing.
Two projects are already in full swing. IBM Security's STIX-Shifter is a project dedicated to the development of a search function for cybersecurity products through an open source, standardized cybersecurity data model and library (STIX 2).
The second, contributed by McAfee, is an interoperable messaging format supported by the OpenDXL messaging bus, due to be launched under an Apache 2.0 license.
TechRepublic: How to protect your organization against insider threats
"Today, organizations struggle without a standard language when sharing data between products and tools," said Carol Geyer, chief development officer of OASIS. "We have seen efforts emerge to foster data exchange, but what has been missing is the ability for each tool to transmit and receive these messages in a standardized format, resulting in more expensive and time-consuming integration costs. The aim of the OCA is to accelerate the open sharing concept making it easier for enterprises to manage and operate."
Previous and related coverage
- No right to be forgotten? Here's how to remove yourself from the Internet and hide your identity
- WhiteShadow downloader uses Microsoft SQL queries to deliver malicious payloads
- Facebook enjoys rare court win over privacy breach, investor claims
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0