IronNet Blog

Breaking down cybersecurity data silos

Written by Don Closser, IronNet Chief Product Officer | Aug 10, 2022 9:45:00 AM

IronNet was built on the concept of collective defense – working together to strengthen the cybersecurity posture of the community. Now, chief information security officers (CISOs) across industries are recognizing that collaboration is the best path forward. In fact, the Wall Street Journal recently reported that 75% of security professionals surveyed by TechTarget want open standards built into vendor products to enable more collaboration and interoperability. 

Threat actors are becoming more sophisticated, so it can take coordination across many different tools to detect and stop today’s cyber attacks. Unfortunately, the time and resources spent normalizing data from these different tools is an accepted cost of performing the analytics and investigations necessary to root out and respond to these attacks. That is why Splunk, AWS, IronNet and 15 additional technology organizations came together to develop the Open Cybersecurity Schema Framework (OCSF) that was announced at Blackhat 2022 earlier today. 

The OCSF project was conceived to make it simpler and less burdensome for organizations to use and exchange security data by providing an open standard for both data producers and consumers to adopt. It is an open-source effort to break down data silos that impede security teams, and its goal is to help organizations detect, investigate, and stop security attacks faster and more effectively. 

IronNet has been the only network detection and response (NDR) provider involved in the creation of OCSF. The IronNet Collective Defense platform offers the unique ability for users to exchange anonymized attack intelligence in near-real time, so we were able to bring our knowledge of data exchange to the OCSF project. 

We have built our platform on the idea of collaboration, so it was an obvious choice for us to help develop a framework that recognizes the importance of building community — not just for the benefit of cybersecurity professionals, but for the organizations and people they protect. 

As a leader in the OCSF steering committee, we have lofty goals. We are working with national and global organizations to incorporate OCSF as part of their standards for cybersecurity data formats. As we often say at IronNet, it’s time we defend together. I’m excited to see how OSCF grows to help us in this mission. 

For information, visit https://github.com/ocsf/.