To fight cyber attacks, tech companies are banding together

  • 📰 PopSci
  • ⏱ Reading Time:
  • 80 sec. here
  • 3 min. at publisher
  • 📊 Quality Score:
  • News: 35%
  • Publisher: 63%

Canada News News

Canada Canada Latest News,Canada Canada Headlines

The new initiative is called the Open Cybersecurity Schema Framework. Here's what it will do.

So why is something like this necessary? Monitoring the computers systems under their purview is a major challenge for cybersecurity departments. In order to stop hacks—or piece together what happened after one—these departments need to be able to see information about things like the number of recent login attempts, what files have been accessed, and when it’s all happened.

In other words, cybersecurity teams aren’t solving cybersecurity problems: they’re using spreadsheets to try and get the data they need from one product to line up with the data they need from another. For example, one bit of software might track logins and login attempts, another tracks what logged-in users do with files on the server, and a third tracks admin access and other high-level requests. Then, assume a hacker breaks into a computer system, installs a bit of malware into a particular folder, and uses that piece of malware to get admin access—all so they can download a load of industry secrets or whatever their target might be.

To follow or recreate this complex sequence of events, the cybersecurity team will have to combine data from all three logging tools. The login-tracking app will report how the hacker got in, the file-tracking app will report the malware install and the download of all the important files, while the admin-tracking app will report how and when they did it. Unless all three apps use the same data format , that’s going to involve a lot of data manipulation.

What the OCSF does is create an open data format that any product vendor can use. This means that different security, hosting, and other relevant tech products can all work together much more easily. Instead of the login, file, and admin-tracking apps all having their own proprietary way of logging timestamps, they’d all be able to use the same standardized data structure. That way, the cybersecurity team could easily track—and ideally stop—the hacker.

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 298. in CA

Canada Canada Latest News, Canada Canada Headlines