Authors: Dr. Phyllis Schneck, Deputy Under Secretary for Cybersecurity and Communications
Dr. Andy Ozment, Assistant Secretary for Cybersecurity and Communications
Richard Struse, Chief Advanced Technology Officer, National Cybersecurity and Communications Integration Center
We are pleased to announce that the Department of Homeland Security (DHS) has transitioned the STIXTM and TAXIITM specifications for the automated exchange of cybersecurity data to the Organization for the Advancement of Structured Information Standards (OASIS).
The selection of OASIS guarantees that the entire family of STIX/TAXII specifications will always be freely available to anyone around the world. OASIS is a non-profit consortium that drives the development, convergence, and adoption of open standards for the Internet.
The transition, led by DHS, brought together a record number of organizations from around the world to participate in the new OASIS Cyber Threat Intelligence (CTI) Technical Committee. The CTI Technical Committee will oversee development and promote adoption of standards that enable cyber threat intelligence to be analyzed and shared among trusted partners and communities. This work will support automated information analysis and sharing for cyber security situational awareness, real-time network defense, and sophisticated threat characterization and response.
The CTI Technical Committee is chaired by Richard Struse, Chief Advanced Technology Officer, of DHS’s National Cybersecurity and Communications Integration Center (NCCIC). The impact of this work will be the prevalence of cyber threat indicators being shared and correlated worldwide in near-real-time, making networks and electronic devices safer and smarter.
This transition is the culmination of three years of work in collaboration with the private sector to define, develop, and implement a robust set of technical specifications to advance the state of the practice in computer network defense. From the inception of these efforts, DHS has maintained that STIX and TAXII would be transitioned to an internationally-recognized standards development organization once the specifications reached an appropriate level of maturity. That day has come, and the transition to OASIS represents an exciting next step in the continued advancement and evolution of STIX and TAXII.
OASIS has an excellent track record in successfully transitioning accepted technical specifications to voluntary consensus standards and in recognizing and building on that existing work. In addition, the global membership of OASIS mirrors the diversity of the STIX/TAXII community and includes a wide variety of government entities, technology vendors, academic institutions, and end-user organizations that have been so critical to the success of the specifications. The transition of STIX and TAXII to OASIS provides greater transparency and stakeholder participation in the development process which will help ensure the stability and continuing viability of STIX and TAXII as true international standards. These changes have the potential to significantly increase adoption and use of STIX and TAXII and thereby strengthen global cybersecurity practices.
This transition allows DHS to concentrate our efforts on ensuring the widest and most effective implementations of STIX and TAXII to achieve our mission. Through the CTI Technical Committee and other mechanisms, DHS will continue to play an active role and support the development of critical documentation, tools and application programming interfaces.
The only thing that is changing is that the direction of STIX and TAXII will now be in the hands of a robust global community committed to its success. We are confident that this transition marks the beginning of an even more vibrant and successful cybersecurity ecosystem built on STIX and TAXII that will yield significant improvements in the overall security of our cyber infrastructure.