RE: [cti] CTI-Outreach Sub-Committee Nominations/Discussion

["Doug DePeppe" <doug@eosedgelegal.com>]

Mark
I sent a note to Richard Struse on this very topic.  You are entirely correct, in my judgment.  It's one thing for moving a technical body through established vetting, credentialing, and maturing mechanisms.  It's quite another for establishing buy-in and support for a structural change in the way society operates between the public and private spheres.  In other words, if we want to "operationalize" information between the public and private sectors, we need Definition for What IS the public-private partnership?!  In the US, the ISAO effort is moving in this direction, I believe.  I also believe that the CTI TC and momentum will help drive the technical side of this broader challenge.  

The hard part, in my judgment, is changing the organizing challenge from a top-down (government led) to a bottom-up (private led) model.  At the moment, there is insufficient awareness for this need, and near-zero perceived incentive for the private sector.  Yet, from a CTI TC perspective, STIX/TAXII/CyBox adoption fails its commercialization success story if massive adoption through information sharing bodies doesn't materialize.

In the US, there are certain structures (ISACs, coordinating councils, and soon ISAOs).  So far, in my opinion, there isn't any sort of mobilization occurring to make such structures part of the societal consciousness.  It's still early in their maturity (except, arguably, a few ISACs).  

I'd be very pleased to work on this effort, but again I believe it's a broader effort than just this CTI TC.

Doug 

Douglas M. DePeppe | Cyberlaw Attorney | LLM, JD
EosEdge Legal | A Cyberlaw and Services Firm
Cyberlaw at Catalyst Campus | 559 E. Pikes Peak Ave. Suite 101 
Colorado Springs, CO 80903
Direct 719.357.8025 | c 703.283.2349 
Skype ID: doug.depeppe | www.eosedgelegal.com
Conferencing: https://join.me/cybercloak
My Homepage www.cyberjurist.net

This electronic mail transmission and any attachments contain information belonging to the sender which may be confidential and legally privileged. This information is intended only for the use of the individual or entity to whom this electronic mail transmission was sent as indicated above. If you are not the intended recipient, any disclosure, copy, distribution, or action taken in reliance on the contents of the information contained in this transmission is strictly prohibited. If you have received this transmission in error, please immediately inform me by email and delete the message. Thank you.

-----Original Message-----
From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Mark Clancy
Sent: Wednesday, June 24, 2015 8:17 AM
To: Peter F Brown; tony@yaanatech.com; Rich Struse
Cc: cti@lists.oasis-open.org
Subject: Re: [cti] CTI-Outreach Sub-Committee Nominations/Discussion

All,
I agree with need this SC and am happy to help. I have been doing a lot this as part of my role as  DTCC's CISO in addition to my Soltra role.  I have been presenting/meeting in the US, Europe and Asia. I spend a lot of time with legislators, policy makers, and global financial regulators on information sharing and why automation is a key part of capablity needs.  By the same token most of the challenges in the global context are not purely technical but national and regualtory impediments.  Not to say the technical things we are doing in CTI commitee in Oasis isn't also critical as it certianly is, but that if we only address the technical side of this problem we won't achieve the risk mitigation benefits we all desire.

So at some level what do we think "engagement" means vs. "outreach"?  

-Mark


Mark Clancy
Chief Executive Officer
SOLTRA | An FS-ISAC and DTCC Company
+1.813.470.2400 office | +1.610.659.6671 US mobile |​  +44 7823 626 535  
+UK mobile
mclancy@soltra.com | soltra.com

One organization's incident becomes everyone's defense.

​

________________________________________
From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Peter F Brown <peter@peterfbrown.com>
Sent: Tuesday, June 23, 2015 6:37 PM
To: tony@yaanatech.com; Rich Struse
Cc: cti@lists.oasis-open.org
Subject: RE: [cti] CTI-Outreach Sub-Committee Nominations/Discussion

+1
Also agree with comment in an earlier thread that this SC ought to have engagement as a core focus rather than outreach - and that ought to be reflected in the name of any proposed SC.
Regards,
Peter


-----Original Message-----
From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Tony Rutkowski
Sent: 22 June, 2015 13:08
To: Rich Struse
Cc: cti@lists.oasis-open.org
Subject: Re: [cti] CTI-Outreach Sub-Committee Nominations/Discussion

Hi Rich,

There is a great symmetry occurring here on a global scale.

The first day of the annual cybersecurity workshop was held this afternoon here in Sophia Antipolis in France's approximation of Silicon Valley in the hills of Valbonne, France.  There are people here from around the world, but this afternoon was somewhat Euro centric with key officials describing what was essential to regional and national cybersecurity.  Perhaps not by coincidence, cyber threat intelligence sharing was at the top of their lists - along with security assurance.

The four people who were engaged at this session were:

o Florent Frederix who heads the key Network Information Security
(NIS) initiative of the the European Commission and has some responsibilities at the Directorate level similar to Rich Struse's as the execution arm of the EU cybersecurity strategy - the analog of the White House's framework initiatives.

o Chris Ensor who heads up cybersecurity work in the UK's CESG organization - also similar to Rich's responsibilities.

o Marc Henauer of Switzerland's MELANI organization that is similar the principal Swiss threat intelligence sharing body.

o Edri an Belmonte, who plays the lead role in this area in ENISA

All of the presentations except Cris Ensor's are available at:
http://docbox.etsi.org/Workshop/2015/201506_SECURITYWEEK/SECURITYWS/S01_SETTINGTHESCENE/

In the discussion session following the presentations, speaking at the ETSI TC CYBER threat intelligence sharing rapporteur, I had the opportunity to explain the creation of the new TC CTI committee and how the platforms being pursued in CTI were proven best-of-breed models and structured information sharing specifications that provided an ideal match to each of their objectives.

It was quite amazing how each of the parties - even in Europe - was rather independently pursuing similar objectives.

We also discussed how the work of TC CYBER was to survey the global cybersecurity ecosystem and make use of the most successful existing standards and not pursue duplicative work.  Everyone seemed in agreement, and going forward, there seems like an excellent basis for convergence with the CTI work now getting underway.

There will be further discussion at the workshop over the next two days as well as definitive actions at the TC CYBER meeting on Thursday and Friday.  It was a good beginning that was continued usefully over local provence wine and hors d'oeuves this evening (and setting a useful precedent for future TC CTI physical gatherings).

--tony




---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php