[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [cti] Taking a step back to gain some perspective
Trey, I couldn't agree with you more – thank you for this. The past few months have been a period of adjustment and change for this community and in the midst of all that it is sometimes easy for us to lose sight of the bigger picture. Since mid-June - basically five short months ago - we have accomplished the following: 1. Created a brand-new TC within OASIS that is now the largest in OASIS history 2. Successfully transitioned STIX, TAXII and CybOX to the TC and instituted an entirely new governance model 3. Executed on the work program identified as phase 1 in the TC charter – codifying the existing specifications as OASIS standards 4. Begun the very hard work of figuring out what we want the next major releases of STIX, TAXII and CybOX to look like These are not insignificant achievements. I believe that most of the friction we have seen as of late is due to genuine passion to solve the parts of the problem that we can through cyber threat intelligence combined with a sense of urgency that the world isn’t standing still as we figure out where we need to go. I for one would much rather have a TC where many passionate voices express their strongly-held beliefs than the alternative – no passion or energy at all. However, it is critically important that these conversations be as cordial and professional as possible, otherwise we risk turning differences of opinion into just plain differences. Your olive branch is therefore much appreciated and hopefully will serve as an inspiration for all of us in this community. Thank you to everyone in this community for your time, energy and insights as we work to make STIX, TAXII and CybOX the best we possibly can. As Trey pointed out, the challenges we face in cybersecurity demand nothing less. Regards, Rich -----Original Message----- All - Just to be clear, I do *not* underestimate the challenges confronting us in the infosec space *nor* am I claiming that information-sharing is the silver bullet that will save the world. Nor do I take it as a given that our common project will ultimately prove successful in making a substantial impact. But I *do* firmly maintain that when you look beyond the issues that currently divide our community, there is a common goal of trying to make the internet more secure and thereby make the world a safer place. The extent to which we're able to come together in spite of our differences and build upon what unites us in order to forge ahead with renewed vigor is the overwhelming factor that will determine the fate of our project and what sort of legacy we leave behind. We confront some hard problems. But we're a resilient species and have proven time and again that when the chips are down, we can pull together to achieve the seemingly impossible. Let us not lose heart, nor allow our momentum to be deflected by ego or tribalism. As someone who's emerged as something of a polarizing figure in the messaging tribe, let me be clear: I'm extending an olive branch. We're all fighting for the same cause. We can do this together. -- Cheers, Trey -- Trey Darley Senior Security Engineer 4DAA 0A88 34BC 27C9 FD2B A97E D3C6 5C74 0FB7 E430 Soltra | An FS-ISAC & DTCC Company www.soltra.com -- "There's never enough time. Thank you for yours." --Dan Geer |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]