Uploaded image for project: 'Cyber Standards Council'
  1. Cyber Standards Council
  2. CYBERCOUNC-2

Business Justification for OpenC2

    XMLWordPrintable

    Details

    • Type: Task
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Labels:
      None
    • Proposal:
      Hide

      1. to discuss whether this is within scope of Standards Council (propose that it is)
      2. discuss and decide on the work product to create for OpenC2 (propose a wiki page?)
      3. develop a work plan to create the OpenC2 work product and ask for volunteers to execute it
      4. Evaluate the experience and decide what, if any, other OASIS cybersecurity standards we should create similar work products for
      etc

      Show
      1. to discuss whether this is within scope of Standards Council (propose that it is) 2. discuss and decide on the work product to create for OpenC2 (propose a wiki page?) 3. develop a work plan to create the OpenC2 work product and ask for volunteers to execute it 4. Evaluate the experience and decide what, if any, other OASIS cybersecurity standards we should create similar work products for etc

      Description

      Sounil Yu gave an excellent presentation to the Standards Council on Monday Nov 6, 2017. At the meeting, one of the attendees (someone tell me who and I'll fill in their name) asked that someone give the business reasons behind OpenC2. He mentioned he was a Board member for a bank and he'd like to know about the business justification and what OpenC2 will mean to Board members - ie at a plane above the technical level of the TC.

      There are several reasons for creating this issue:
      1. to provide fodder for the other issue on 'what are the rules for issues' (CYBERCOUNC-1) so we'd have a concrete example
      2. part of work plan is to figure out exactly what is the role of the Standards Council. If we accept this issue, work it, and it seems useful - this issue might model a standard role for the Council. Ie TC's work the technical details and Standards Council works the business reasoning justifying when to use or not use, the various cybersecurity standards within the Council scope (STIX, TAXII, OpenC2, KIMP, ....).
      3. to answer his question

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              duncan Duncan Sparrell
            • Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: