Introducing Borderless Cyber News, a curated newsletter featuring announcements, commentary, and tutorials related to cybersecurity standardization activities. Although content is not limited to OASIS work, information on STIX, TAXII, and CybOX and on CTI TC members will be featured. See the latest issue and subscribe.
|
|
The Organisation for Economic Cooperation and Development (OECD)'s Recommendation on Digital Security Risk Management for Economic and Social Prosperity recognizes the role that digital security risk management plays in protecting economic and social prosperity and provides recommendations for best practices to be followed by governments, enterprises, and individuals. As part of the Internet Technical Advisory Committee (ITAC) to the OECD, OASIS encourages the adoption of these principles across the global Internet community.
|
|
The CTI Interoperability Subcommitee will develop tests and guidelines for confirming a product's adherence to STIX, TAXII, and CybOX. The work will help organizations identify interoperability issues between products and conduct qualitative reviews. David Eilken of FS-ISAC and Patrick Maroney are chairs.
The CTI Marketing Group will engage in communications and marketing activities that promote worldwide adoption of STIX, TAXII, and CybOX. The Marketing Group will work to educate implementers on the value of CTI standards and provide recognition for members. The Marketing Group will meet by teleconference on 10 Nov.
|
|
US Audit Data Collection Technical Advisory Group helps launch ISO/PC 295
|
|
|
The ISO Audit Data Collection Project Committee held its first meeting this week in Beijing. The group will define the international standard for how auditors can obtain accounting data. The US TAG, which is administered by ANSI in partnership with OASIS, includes representatives from AICPA, Deloitte, Ernst & Young, KPMG, Microsoft, PwC, and XBRL.org. Additional participants welcome. Contact OASIS for details.
|
|
Open Building Information Exchange (OBIX) enables the mechanical and electrical control systems in buildings to communicate with enterprise applications. OBIX 1.1, OBIX Common Encodings 1.0, OBIX REST Bindings 1.0, OBIX SOAP Bindings 1.0 and OBIX WebSockets Bindings 1.0 have all been approved as Committee Specifications. Congratulations to OBIX TC chair, Toby Considine of the University of North Carolina at Chapel Hill, and to all TC members for accomplishing this milestone.
|
|
Public review underway for DITA
|
|
|
Darwin Information Typing Architecture (DITA) 1.3 defines a set of document types for authoring and organizing topic-oriented information and a set of mechanisms for combining, extending, and constraining document types. This public review, which ends 15 Nov, is in preparation for an OASIS Standard ballot.
|
|
|
|
"There is no absolute security.
It's about reducing risk to an acceptable level."
OECD Recommendation
|
|
|
|
Important Dates
|
|
|
|
|