[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Inviting nominations for Chair of Cyber Threat Intelligence (CTI) TC,
Hey, y'all -
There's seems to be clear consensus on Rich for CTI chair. I think everyone agrees that Rich has done yeoman’s work overseeing and nurturing the development of these emerging standards over the past several years.
The shift to OASIS is pretty huge. We don't want too much change all at once.
I've been participating in these discussions for a couple of years now. Just in the past couple of weeks, it's been remarkable all the new names popping up on the mailing lists. Based on what I've seen since the transition to OASIS was announced, I'm willing
to bet that the CTI community _doubles_ over the course of the next six months.
I propose the following compromise:
0) We have Rich act as sole chair during the six month period immediately following the initial round of voting.
1) We institute a one-year term on all chair positions.
2) We give the chair a veto on co-chair candidates and require a 60% majority to override the chair's veto.
Beyond that, I think the four essential criteria already spelled out are valuable considerations but needn't be formalized.
Cheers,
Trey
--
Trey Darley
Senior Security Engineer
Soltra | An FS-ISAC & DTCC Company
+32/494.766.080 | trey@soltra.com
www.soltra.com
From: Peter Allor <pallor@us.ibm.com>
Sent: Friday, June 12, 2015 10:43 To: Trey Darley Cc: Aharon Chernin; Jordan, Bret; Carol Geyer; Chet Ensign; cti@lists.oasis-open.org; Peter F Brown; Richard Struse; Robin Cover; Scott McGrath; Terry MacDonald; tony@yaanatech.com Subject: Re: [cti] Inviting nominations for Chair of Cyber Threat Intelligence (CTI) TC, Trey, Hey, Pete - Note that I specified "an academic-cum-actual security researcher with dirt under their fingernails", not merely an academic. Nor am I against a private-sector co-chair, but "preferably _not_ a vendor". The point is, if we agree on the need for a co-chair, here are the essential qualifications: 0) someone practical 1) someone neutral 2) someone non-US 3) someone that isn't going to drive Rich crazy (ie, compatible personalities == enhanced collaboration) Cheers, Trey -- Trey Darley Senior Security Engineer Soltra | An FS-ISAC & DTCC Company www.soltra.com From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Peter Allor <pallor@us.ibm.com> Sent: Thursday, June 11, 2015 18:01 To: Peter F Brown Cc: Aharon Chernin; Jordan, Bret; Carol Geyer; Chet Ensign; cti@lists.oasis-open.org; Richard Struse; Robin Cover; Scott McGrath; Terry MacDonald; tony@yaanatech.com; Trey Darley Subject: RE: [cti] Inviting nominations for Chair of Cyber Threat Intelligence (CTI) TC, As a data point, in discussing adoption of STIX/TAXII with National Government CSIRTs and other large corporate international organizations, a US/DHS only way forward, has / is an inhibitor to formally using STIX/TAXII in the recent past. I am aware of some USG elements liking that we demonstrate a broad representation. So, I endorse and support Rich, both for his leadership and technical passion as well as vision for this effort. And will bow to what the group decides. But would heavily suggest that we have someone else assist Rich in his chair duties as his co-chair. This is more about perception and adoption than about substance/content. And no, I am not soliciting an academic. We really need and want 'industry' (across the board) to use this. Pete Peter F Brown ---06/11/2015 11:25:01 AM---+1 The significance only means something if we *make* it mean something. From: Peter F Brown <peter@peterfbrown.com> To: "tony@yaanatech.com" <tony@yaanatech.com>, Trey Darley <trey@soltra.com>, Peter Allor/Atlanta/IBM@IBMUS Cc: Chet Ensign <chet.ensign@oasis-open.org>, Aharon Chernin <achernin@soltra.com>, Terry MacDonald <terry.macdonald@threatloop.com>, "Jordan, Bret" <bret.jordan@bluecoat.com>, "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>, Richard Struse <Richard.Struse@hq.dhs.gov>, "Scott McGrath" <scott.mcgrath@oasis-open.org>, Robin Cover <robin@oasis-open.org>, Carol Geyer <carol.geyer@oasis-open.org> Date: 06/11/2015 11:25 AM Subject: RE: [cti] Inviting nominations for Chair of Cyber Threat Intelligence (CTI) TC, +1 The significance only means something if we *make* it mean something. I understand that there might be concern about an OASIS TC being seen just to do DHS’s bidding. However, expanding on what Tony rightly says, there are many TCs where there are initial worries that one party (public, private, research, not-for-profit) is set to run the show – but the nature of the open process, transparency, and engagement from all sides will do more to “disappear” that myth than any “fix”. This is not an argument against co-chair(s) per se: just that, if we need such a role, it will become apparent quickly enough. All the best, Peter From: Tony Rutkowski [mailto:tony@yaanatech.com] Sent: 11 June, 2015 08:11 To: Trey Darley; Peter Allor; Peter F Brown Cc: Chet Ensign; Aharon Chernin; Terry MacDonald; Jordan, Bret; cti@lists.oasis-open.org; Richard Struse; Scott McGrath; Robin Cover; Carol Geyer Subject: Re: [cti] Inviting nominations for Chair of Cyber Threat Intelligence (CTI) TC, The world of international technical committees in this sector contains numerous examples of chairs from government agencies. Furthermore, Rich is rather more than an agency representative in this context. From both a substantive perspective as well as effective leadership and "messaging," his chair position is important. As someone who leads the ETSI equivalent activity, (and formerly led the equivalent in ITU-T) Rich's chair position probably enhances the global assimilation of the CTI suite. --tony On 2015-06-11 10:45 AM, Trey Darley wrote:
However, I suggest the following, especially for us 'Americans' to consider. We need to have another individual as a co-chair. Simply put, to not be something that OASIS is adopting only for the US Department of Homeland Security (DHS). </snip> -- ________________________________ Anthony Michael Rutkowski EVP, Industry Standards & Regulatory Affairs tony@yaanatech.com +1 703 999 8270 ________________________________ Yaana Technologies LLC 542 Gibraltar Drive Milpitas CA 95035 USA |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]