Cybersecurity Tower of Babel

Jul 14, 2016 3:30:00 AM | Ryan Hohimer | Ontologies, Common Modeling Language, Protecting your Enterprise, Unified Cybersecurity Ontology

Cultures and Languages

If you think there is an easy solution to the complex problems of cybersecurity and cyber defense, you need to think again. There is no easy button for cybersecurity; no quick solution for cyber defense.

One of the reasons that it is so hard is that there are so many different perspectives and viewpoints. And each of those perspectives can have its own verbiage, terms, and languages. I mean, let's face it: if you want to be proficient in a foreign land, you have to learn the culture and language. There is no easy shortcut.

Cybersecurity is no different: if you want to be proficient in cyber, you have to learn the culture and languages.

There is the criminal culture of the bad actors. There is the technical culture of the network hardware and operations. There is the business culture of the enterprise. You can't just focus on one of these and succeed.

If you focus only on the enterprise's network and try to create the impervious firewall that only lets the good guys in, the bad guys will spoof the good guys.

If you focus only on the business model and culture, the bad guys will exploit the weaknesses and vulnerabilities of your network.

If you focus only on the bad guys' past exploits, you'll find that they change their tactics, techniques, and practices faster than a chameleon changes colors.

You have to have a unified and holistic approach to protecting your enterprise and building your cyber defense strategy.

Outnumbered

Consider the numbers that an enterprise faces. Usually, there are only a few security specialists at an enterprise, compared to the overwhelming numbers of ill-intentioned bad guys trying to breach the enterprise. It is just not fair!

It is my opinion that, in order to balance the effort equation, the good guys have to band together. What I mean is that they have to communicate with each other so that they can prepare for what their peers are experiencing.

In order to effectively share experiences and knowledge, we have to have a common language to communicate with our co-defenders. This is where standards, common models, and common languages come into the picture.

Unified Cybersecurity Ontology

The University of Maryland, Baltimore County (UMBC) describes the Unified Cybersecurity Ontology (UCO) in this paper.

Having been challenged by inter-system communication issues in cybersecurity, I find the UCO is definitely an advancement toward a common language. By creating UCO they have pulled together the relevant standards and vocabularies into a usable form. They have mapped STIX, CVE, CCE, CVSS, CAPEC, CybOX, KillChain, linked data concepts, and STUCCO into a very convenient package.

Adopting these cybersecurity standards, vocabularies, and ontologies allows an enterprise to share and correlate information between multiple devices and appliances, and it allows the enterprise to share information in a meaningful way with other enterprises and the broader cybersecurity community.

Does YOUR enterprise use a common language to communicate with co-defenders?


Written by Ryan Hohimer

Ryan has been working with “Big Data” before “Big Data” was cool. Dealing with the challenges of managing massive data sparked his interest in metadata, Semantic Web Technologies (SWT) and Knowledge Representation and Reasoning (KR&R) -- which led to the development of the technology behind DarkLight's patented reasoning engine. Ryan is Co-Founder and CTO of Champion Technology Company.
