Open standards and open source are helping to create new path towards greater global cybersecurity, says the CEO of OASIS.
On Tuesday, OASIS CEO and Executive Director Laurent Liscia participated in the Internet Technical Advisory Committee (ITAC) Forum at the 2016 Organization for Economic Co-operation and Development (OECD) Ministerial on the Digital Economy.
Between 21-23 June, the OECD invites citizens, professionals, and government representatives to come together in Cancún, Mexico to discuss new approaches to digital economy policy development in four key areas: internet openness, digital trust, global connectivity, and relevant jobs and skills.
Such open collaboration is itself a testament to how cybersecurity has evolved into a community-based effort, explains Liscia:
“There has been an astonishing shift in the cybersecurity community from completely closed, proprietary and top-secret systems to a remarkable community of threat detection and sharing. The secret sauce has moved into threat analysis and response, not detection. This is a major development, and it can’t be underestimated by governments because it has already changed the nature of cooperation, especially considering the growing number of Computer Expert Reponses Teams (CERTs) throughout the world, an increasing amount of camaraderie shared between companies and countries, and the fact that part of the military battlefield is rapidly moving into cyberspace.”
Another trend motivating this growing sense of community in cybersecurity is an explosion in connected devices.
According to Gartner, the number of “smart” devices is expected to reach 20.8 billion by 2020. Developers will no doubt continue to innovate in order to capitalize on that expanding network of connected objects, people, and environments.
As they do, governments and companies alike need to make sure that appropriate standards and solutions are in place. Those frameworks should promote the inclusivity of the Internet of Things (IoT) while protecting users’ security and privacy.
Liscia feels there is no better way to address thoses challenges than with open source standards. In his own words:
“There are three global open standards today that form the basis of a globally shareable cybersecurity platform: STIX, TAXII and Cyboc. With these, any organization, government, or regional group can define a very clear process to deal with cyber threats and put in place standard responses in real time. This is very powerful. These freely available standards are augmented by freely available open source packages. As mentioned, proprietary software can come on top of this process to deliver more in-depth analysis and sophisticated responses. As this eco-system gains traction, it will become a platform for growth: new companies will leverage it to launch new cybersecurity products. As we all know, startups rely on open standards and open source to launch new products.”
Whether they are a startup or an established firm, companies can no longer strengthen their security on their own. The challenges of IoT, among other developments, are simply too expansive for one organization alone to solve. As a result, businesses and governments alike need to use events such as the OECD Ministerial as a launchpad for ongoing collaboration in the digital space.
Collaboration, IoT, and other issues will be further explored at Borderless Cyber Europe on 8-9 September in Brussels, Belgium. There, we will discuss the value of sharing threat intelligence and will learn from the experiences of one another when it comes to protecting against digital threats.
You can learn more about the upcoming conference here.