Do we plan to settle on a single set of industry categories?
I am afraid that would be difficult as we witness several on the list
Ref:
https://en.wikipedia.org/wiki/Industry_classification
There must be some reasons behind why there are several
and each country would use one defined for its own country
due to historical and regional reasons.
As long as each category set is reasonably defined, we can
translate them into another.
Regards,
Ryu
From: Jason Keirstead [mailto:Jason.Keirstead@ca.ibm.com]
Sent: Friday, November 10, 2017 11:16 AM
To: Masuoka, Ryusuke/益岡
竜介 <masuoka.ryusuke@jp.fujitsu.com>
Cc: Allan Thomson <athomson@lookingglasscyber.com>; Bret Jordan <Bret_Jordan@symantec.com>; 'cti@lists.oasis-open.org' <cti@lists.oasis-open.org>; Thompson, Dean <Dean.Thompson@anz.com>; Taylor, Marlon <Marlon.Taylor@hq.dhs.gov>; 'Werntz, Preston' <Preston.Werntz@HQ.DHS.GOV>
Subject: RE: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov
Should we look to existing global standards for this instead of trying to invent our own vocab or pick one from a country (or somehow make an amalgam of countries)
?
Ref:
https://en.wikipedia.org/wiki/Industry_classification
Many possible candidates there, most free to reference without having to pay ISO.
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security
Without data, all you are is just another person with an opinion - Unknown
From: "Masuoka, Ryusuke" <masuoka.ryusuke@jp.fujitsu.com>
To: "'Werntz, Preston'" <Preston.Werntz@HQ.DHS.GOV>,
Allan Thomson <athomson@lookingglasscyber.com>, Bret Jordan <Bret_Jordan@symantec.com>, Jason Keirstead <Jason.Keirstead@ca.ibm.com>,
"Thompson, Dean" <Dean.Thompson@anz.com>
Cc: "'cti@lists.oasis-open.org'" <cti@lists.oasis-open.org>,
"Taylor, Marlon" <Marlon.Taylor@hq.dhs.gov>
Date: 11/09/2017 08:41 PM
Subject: RE: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov
Hi,
I mentioned this during the F2F in Austin, but there are thirteen "official" critical infrastructures
defined by NISC (https://www.nisc.go.jp/)
in Japan
- information and communication services
- financial services
- aviation services
- railway services
- electric power supply services
- gas supply services
- government and administrative services (including municipal government)
- medical services
- water services
- logistics services
- chemical industries
- credit card services
- petroleum industries
See https://www.nisc.go.jp/eng/pdf/actionplan_ci_eng_v3.pdf
https://www.nisc.go.jp/active/infra/outline.html
Regards,
Ryu
P.S.
I am not exactly sure why credit card services is separate from financial services…
From:
cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org]
On Behalf Of Werntz, Preston
Sent: Wednesday, November 8, 2017 3:00 AM
To: Allan Thomson <athomson@lookingglasscyber.com>; Bret Jordan <Bret_Jordan@symantec.com>; Jason Keirstead <Jason.Keirstead@ca.ibm.com>;
Thompson, Dean <Dean.Thompson@anz.com>
Cc: 'cti@lists.oasis-open.org' <cti@lists.oasis-open.org>; Taylor, Marlon <Marlon.Taylor@hq.dhs.gov>
Subject: RE: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov
Very good point Allan. I was coming at it from a DHS-centric view around the 16 critical infrastructures we track (https://www.dhs.gov/critical-infrastructure-sectors)
but if there’s a way that’s not too burdensome to allow for other regions or countries to annotate it differently, that makes sense.
Preston
From:
cti@lists.oasis-open.org[mailto:cti@lists.oasis-open.org]
On Behalf Of Allan Thomson
Sent: Tuesday, November 7, 2017 11:53 AM
To: Bret Jordan <Bret_Jordan@symantec.com>;
Jason Keirstead <Jason.Keirstead@ca.ibm.com>;
Thompson, Dean <Dean.Thompson@anz.com>
Cc: 'cti@lists.oasis-open.org' <cti@lists.oasis-open.org>;
Taylor, Marlon <Marlon.Taylor@hq.dhs.gov>
Subject: Re: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov
I think we need to recognize (as others have pointed out) that some of these sector definitions are region specific.
So we might need to consider
us_chemical_sector
us_dams_sector
Australia_energy_sector
……etc.
If this introduces too many values in the ov then we should consider how to resolve the fact that there are differences across regions in these definitions.
Allan
From:
"cti@lists.oasis-open.org"
<cti@lists.oasis-open.org> on behalf of Bret Jordan <Bret_Jordan@symantec.com>
Date: Tuesday, November 7, 2017 at 8:49 AM
To: Jason Keirstead <Jason.Keirstead@ca.ibm.com>, "Thompson,
Dean" <Dean.Thompson@anz.com>
Cc: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>,
"Taylor, Marlon" <Marlon.Taylor@hq.dhs.gov>
Subject: [cti] Re: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov
I will also post these comments and feedback on the github issue tracker for this.
One of the things we tried really hard to do is make sure that we were not overly verbose with categories. Basically try and bubble up to a higher level group. However, we probably missed a
few here and there.
1) Chemical Sector - Is this a one off, or are there others we need to add? If so, is there a higher level category that we can come up with that contains this??
2) Commercial Facilities Sector - Can you give an example of what this would be?
3) Dams Sector - I think this would be handled by the "Infrastructure", "Energy", or "Utilities" sector categories
4) Nuclear Reactors, Materials, and Waste Sector - For the Nuclear Reactors I figured they would be part of "Infrastructure", "Energy", or "Utilities". Is the Materials / Waste specific to
Nuclear ? If so I might suggest that we make the sector name just "Nuclear" and not put the various sub elements, because someone will just ask for one more sub element.
5) Water and Wastewater Systems Sector - I figured these would go in to "government-public-services" but I guess Water could also go in to "Infrastructure" depending on how you viewed it.
If we do decide to add any of these, we should really try to figure out if they are just sub categories of something else, if so, we should use our adopted standard of toplevelcategory-subcategory
style.
Bret
From:
cti@lists.oasis-open.org<cti@lists.oasis-open.org>
on behalf of Jason Keirstead <Jason.Keirstead@ca.ibm.com>
Sent: Tuesday, November 7, 2017 7:17:24 AM
To: Thompson, Dean
Cc: 'cti@lists.oasis-open.org'; 'Taylor, Marlon'
Subject: [EXT] Re: [cti] RE: Suggested Additions to industry-sector-ov
In North America they're usually owned and operated by power utilities.
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security
Without data, all you are is just another person with an opinion - Unknown
From: "Thompson, Dean" <Dean.Thompson@anz.com>
To: "'Taylor, Marlon'" <Marlon.Taylor@hq.dhs.gov>,
"'cti@lists.oasis-open.org'" <cti@lists.oasis-open.org>
Date: 11/07/2017 06:42 AM
Subject: [cti] RE: Suggested Additions to industry-sector-ov
Sent by: <cti@lists.oasis-open.org>
Hi!,
One quick one, but are “Dam’s” a subset of the “Water” sector. I know in Australia we treat it like this.
Regards,
Dean
From:
cti@lists.oasis-open.org[mailto:cti@lists.oasis-open.org]
On Behalf Of Taylor, Marlon
Sent: Tuesday, 7 November 2017 5:36 AM
To: cti@lists.oasis-open.org
Subject: [cti] Suggested Additions to industry-sector-ov
Hi TC,
During the October F2F the omissions of specific some critical infrastructure was discussed and it was suggested to open a github issue to add those items to the industry-sector-ov. This change adds support for sectors not previously included and does not have
a negative impact on the existing sectors.
GITHUB LINK: https://github.com/oasis-tcs/cti-stix2/issues/34
Are there any objections to including the resolution of this item into 2.1?
Marlon Taylor
Technology Services Section
National Cybersecurity & Communications Integration Center (NCCIC)
U.S. Department of Homeland Security
"This e-mail and any attachments to it (the "Communication") is, unless otherwise stated, confidential, may contain copyright material and is for the use only of the intended recipient. If you
receive the Communication in error, please notify the sender immediately by return e-mail, delete the Communication and the return e-mail, and do not read, copy, retransmit or otherwise deal with it. Any views expressed in the Communication are those of the
individual sender only, unless expressly stated to be those of Australia and New Zealand Banking Group Limited ABN 11 005 357 522, or any of its related entities including ANZ Bank New Zealand Limited (together "ANZ"). ANZ does not accept liability in connection
with the integrity of or errors in the Communication, computer virus, data corruption, interference or delay arising from or in respect of the Communication."