According to the companies, this mismatch can lead to a delay in understanding how a cyber attack might occur because data from one tool often has to be converted to a compatible format to work with another tool. This can hinder the analysis of underlying threat data, said Mark Ryland, a senior cybersecurity executive at Amazon Web Services (AWS), the cloud computing arm of Amazon.
The new standard – known as the Open Cybersecurity Framework – was announced Tuesday at the Black Hat Cyber Security Conference in Las Vegas. The project is led by AWS, cybersecurity firm Symantec and Splunk, a data analytics company.
“OCSF’s initiative is truly unprecedented,” Erkang Zheng, CEO of cybersecurity firm JupiterOne, said in a statement. “Data normalization before ingestion has been one of the biggest weaknesses for security professionals, and the overall framework proposed by OCSF, backed by common domain knowledge across many security vendors, simplifies this time-consuming step, ultimately enabling better and stronger security for all.” .