April’s meeting of ITU-T’s cybersecurity group (SG 17
) saw a presentation on progress on the six months of work on the Cybersecurity Information Exchange Framework (CYBEX).
CYBEX imports more than twenty best of breed standards for platforms developed over the past several years by government agencies and industry to enhance cybersecurity. These platforms capture and exchange information about the security "state" of systems and devices, about vulnerabilities, about incidents such as cyber attacks, and related knowledge "heuristics." The Framework pulls these platforms together in a coherent way to provide for 1) “locking down” on-line systems to minimize vulnerabilities, 2) capturing incident information for analysis when network harmful incidents occur, and 3) facilitating evidence for enforcement action if necessary.
The presentation noted a close collaborative relationship with the Forum of Incident Response and Security Teams (FIRST
) - a global organization for coordination and cooperation among Computer Emergency Response Teams.
A wiki-based initial compilation of discovered CIRTs and related agencies and bodies to the SG17 website at: http://www.itu.int/ITU-T/studygroups/com17/nfvo/index.html
See previous newslog entry
for more information on CYBEX.