Hi All:
I received this response from Rod Rasmussen of IID. He is one of the
Co-Chairs of the CSRIC Working Group on CyberSecurity. He tried to
post directly to the list, but it did not go through. So, he asked
me to post this on his behalf. It is good to see that we are
coordinated here with this other important initiative in the telcom
sector. Thanks for bringing it to the group's attention, Tony.
"Actually, I am here and have been on this list from
pretty near the beginning.
I thought at least the other companies at least are
represented here, but not the other co-chairs themselves. In
any event, as one of the co-chairs, I’m in a good position to
ensure the work we do within CSRIC on the data sharing topics
reflect the realities going on here and elsewhere. That
actually was one of the concerns all of us as co-chairs had -
not re-inventing the wheel, going off in the wrong direction, or
getting sucked into things outside the remit CSRIC is working
under. We’re all well aware of the OASIS efforts and I’m sure
many of the CSRIC work party members will also be on this list
as well. Things are still formulating and not 100% settled yet
with the working group, but we do have the next CSRIC meeting
this coming Monday, so more shall be forthcoming shortly. One
of the primary areas that will be covered in the work is
“Conduits for Information Sharing” which clearly the work here
applies to and it will undoubtedly be a prominent part of the
CSRIC work product.
Cheers,
Rod
Rasmussen
President & CTO
IID Security Central
internetidentity.com
+1.253.590.4088 office
+1.253.297.0377 mobile"
On 9/16/2015 2:31 PM, JG on CTI-TC
wrote:
Tony/Terry:
I think we should reach out to the three co-chair people of
Working Group 5 ( on Cybersecurity Information Sharing ) plus
their FCC Liaisons. I just checked our most up-to-date Roster and
none of the companies on the FCC Working Group are represented
here on the CTI-TC.
Interesting that they are starting with the Use Case analysis too.
Jane Ginn
CTIN
On 9/15/2015 3:28 PM, Terry MacDonald
wrote:
Good idea Tony. It may be something we may be able
to align on. It would be good if later versions of TAXII STIX
and CybOX covered the scenarios they need as well. I would
think that the use cases we are identifying as part of the
various SCs will already cover what they would require but it
never hurts to ask.
Maybe a good first step for the new sub-committee?
Cheers
Terry MacDonald
On 16 Sep 2015 1:04 am, "Tony
Rutkowski" < tony@yaanatech.com>
wrote:
Hi Rich,
The FCC's CISRIC (Communications Security, Reliability
and Interoperability Council) advisory committee
just published the agenda for its 21 Sep 2015 meeting.
See attached.
Its Working Group 5 is dedicated to "cybersecurity
information sharing." and has an expansive set
of milestones that significantly encompass the
bases for OASIS CTI and its work. However, the
agenda evinces no obvious CTI cognizance or
engagement.
Given the significance of the telecommunication/
internet industry and the importance of its
adopting CTI platforms, perhaps some extra
outreach is appropriate.
best,
tony
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS
TC that
generates this mail. Follow this link to all your TCs in
OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
--
Jane Ginn, MSIA, MRP
Cyber Threat Intelligence Network, Inc.
jg@ctin.us
--
Jane Ginn, MSIA, MRP
Cyber Threat Intelligence Network, Inc.
jg@ctin.us
|