Cybersecurity experts will soon be able to exchange
information on network attack forensics and vulnerabilities using a
standard vocabulary and message exchange system to improve
interoperability of network defences.
Last week a meeting of an International Telecommunications Union
(ITU) security standards group agreed a cybersecurity information
exchange framework based on best-of-breed standards from government
agencies and industry.
Record attendance at the meeting of
ITU-T's
Study Group 17 indicated the growing importance of
cybersecurity work in the global ICT community, Malcolm Johnson,
director of the ITU's standardisation bureau, told Computer
Weekly.
Johnson said it was essential for experts in cybersecurity and
telecoms infrastructure protection to exchange information on
threats and vulnerabilities. "The framework will, for the first
time, provide for this exchange globally," he said.
Network security experts, such as national computer emergency
response teams will be able to capture and exchange information
about the security state of systems and devices, vulnerabilities,
incidents such as cyber attacks, and build up a knowledge base. The
information will be available to colleagues in various ways with an
eye to their global interoperability and use, he said.
The ITU and the
Forum for
Incident Response and Security Teams (First), will start work
together to produce the first worldwide web-based directory of
cybersecurity organisations and centres.