At New Context, we have long been committed to cyber threat intelligence (CTI), particularly as it relates to defining, sharing and automating information about threats. It should come as no surprise, then, that in June we will be on-site in New York City as sponsors of OASIS’ Borderless Cyber Conference.
As a founding member of the OASIS CTI Technical Committee, we have worked hard to mature STIX and TAXII as part of an industry wide, open standards framework for CTI. Development of this framework is crucial for the information security industry to be able to define and share threats. As we look ahead, we are particularly excited about supporting OpenC2 as that group moves into OASIS given the value it will provide to CTI efforts around the world.
And while we believe strongly in open and transparent standards frameworks, we also believe just as strongly in the automation of threat intelligence. We have witnessed first hand how automation creates benefits for organizations, including:
- Reducing the mean time to discovery of vulnerabilities and subsequent recovery.
- More quickly lowering risk in your organization’s overall security posture, which allows for quicker response to vulnerabilities or attacks.
- Preventing attackers from repeating attacks.
Beyond saving your company money, strengthening its infrastructure, and changing its culture for the better, automated threat response presents worldwide implications that simply cannot be ignored.
With essentially every modern business function embracing automation and collecting data at breakneck speeds, it’s essential for information security — the function charged with keeping this data safe — to follow suit.
We look forward to not only Borderless Cyber, but to our continued work with global organizations to capitalize on the momentum we see for global threat sharing programs and automated threat response around the world.