In a bid to provide interoperability and data-sharing across several cybersecurity products and companies, IBM Security and McAfee are spearheading an open-source cybersecurity alliance along with 14 other cybersecurity companies across the globe.
The new Open Cybersecurity Alliance (OCA) will fall under the umbrella of the Organization for the Advancement of Structured Information Standards (OASIS) open standards and open-source group and will include companies like Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin.
IBM Security and McAfee kicked off the open-source initiative which will enable information security companies that are a part of the OCA consortium to freely exchange information, insights and even threat orchestration.
“Today, organizations struggle without a standard language when sharing data between products and tools,” Carol Geyer, chief development officer of OASIS, said in a statement. “We have seen efforts emerge to foster data exchange, but what has been missing is the ability for each tool to transmit and receive these messages in a standardized format, resulting in more expensive and time-consuming integration costs. The aim of the OCA is to accelerate the open sharing concept making it easier for enterprises to manage and operate.”
At present, enterprises use up to 50 different security tools from 10 major cybersecurity vendors. The new consortium will enable companies under the OCA to even develop and promote open source content, codes, etc. The alliance will tackle siloed data gathered by different security products and speed up response time, which would have been time-consuming when the data packets were isolated to particular vendors or products.
“When security teams are constantly spending their time manually integrating tools and maintaining those integrations, it’s not helping anyone other than the attackers,” said Jason Keirstead, chief architect, IBM Security Threat Management, in a statement. “The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted set of standards and code.”