[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Pondering the network effect to avoid the mistakes of the past
I wholeheartedly endorse the notion of making a major change now. I have been advocating that position at maximum volume almost as long as I've been involved in the CTI community
1) We've been debating things like alternative serialization methods and message queuing systems for long enough. We as a community need to take some decisions. One approach would be to say, "Okay, here are the top three serialization methods. Let's form a CTI task force, give them clear evaluation criteria, say, 'Go play with these things for two months, then come back with the pro/cons and a recommendation.'" Same deal for queuing systems.
2) While we're busy constructing a magical CTI tomorrowland, we also have to take into consideration how we're going to achieve a bridge from here to there. If we're going to change the standards to such an extent that the existing MITRE libraries have to be wholesale rewritten, until that _somehow_ happens, the uptake of the new formats will be _severely_ impacted.
Cheers,
Trey
--
Trey Darley
Senior Security Engineer
Soltra | An FS-ISAC & DTCC Company
www.soltra.com
From: Jordan, Bret <bret.jordan@bluecoat.com>
Sent: Wednesday, July 15, 2015 18:09 To: Terry MacDonald Cc: Trey Darley; cti@lists.oasis-open.org Subject: Re: [cti] Pondering the network effect to avoid the mistakes of the past We need to take in to account the law of the diffusion of innovation and realize that now is the best time to make a major change that will have long term value and benefit. The overall impact right now will be minimal due to the fact that while we have
several early adopters, the overall market penetration is still very low.
For us to claim success we need to get north of 18-20% market penetration and I believe we can do it, but to do so we need to identify the stumbling blocks that are preventing deeper market penetration and then have the courage to address and
fix them.
Remember my now go to statement, Complexity is easy to build, simplicity is not.
Thanks,
Bret
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]