AUS
NZ
UK
CA
USA
FRA
GER
ESP
ITA
NLD
PRT
SWE
GRC
IND
POL
BRA
ZAF
RUS
CHN
UAE
Cisco, Cyware, IBM, U.S. NIST, and Others Advance Committee Specification for Orchestrating and Automating Cyber Response Playbooks
BOSTON, MA, USA, December 13, 2023 /EINPresswire.com/ -- OASIS Open, the international open source and standards consortium, and the Collaborative Automated Course of Action Operations (CACAO) for Cyber Security Technical Committee (TC) have approved CACAO Security Playbooks v2.0 as an OASIS Committee Specification (CS). CACAO v2.0 will empower organizations to orchestrate, collaborate, and share cybersecurity playbooks. In the ongoing battle against threat actors, organizations must identify, create, document, and test various steps to detect, investigate, mitigate, and remedy potential threats. The culmination of these steps results in a cybersecurity playbook designed to secure organizational systems, networks, data, and users.
CACAO v2.0 defines the schema and taxonomy for cybersecurity playbooks and describes how they can be created, documented, and shared in a structured and standardized way across organizational boundaries and technological solutions. These playbooks give security teams the ability to respond to incidents, mitigate threats, and protect their networked systems by offering a modular and extensible approach to playbook development, ensuring that it can adapt to the diverse needs of different organizations.
"CACAO is the culmination of many years of hard work from the cybersecurity community outside and within OASIS, resulting in a significant step forward for all organizations looking to automate their defense against today’s latest cyber threats,” said Allan Thomson, co-chair of the CACAO TC. “We’ve taken the approach with CACAO, to embrace existing toolsets and processes, security organizations are already familiar with, and defined a standardized playbook mechanism that allows orchestration and collaboration not easily achieved both within their own organization, as well as with external sharing partners.”
"The creation, development, and now approval of CACAO v2.0 as a Committee Specification is a testament to the hard work and collaboration of so many different individuals and organizations from around the world to help solve one of the biggest problems in cyber defense: the orchestration of response in cyber relevant time," said Bret Jordan, co-chair of the CACAO TC. “This standardized approach to orchestrated cyber defense gives organizations the ability to navigate the evolving threat landscape with confidence, armed with the tools needed to orchestrate and automate responses effectively. I am so proud of the work that everyone has done to make this a reality. This TC has done for cyber security playbooks what STIX and TAXII did for cyber threat intelligence (CTI).”
For further insights, read the blog Standardized Security Orchestration with CACAO, written by Bret Jordan, Vasileios Mavroeidis, Luca Morgese, and Allan Thomson.
The CACAO TC is made up of a diverse group of global experts from various industries, including cybersecurity, government, and academia. OASIS Open encourages organizations and individuals to get involved in the development and adoption of CACAO v2.0 and other open standards for cybersecurity.
Additional Information
CACAO Technical Committee
About OASIS
One of the most respected, nonprofit open source and open standards bodies in the world, OASIS advances the fair, transparent development of open source software and standards through the power of global collaboration and community. OASIS is the home for worldwide standards in IoT, cybersecurity, blockchain, privacy, cryptography, cloud computing, urban mobility, emergency management, and other content technologies. Many OASIS standards go on to be ratified by de jure bodies and referenced in international policies and government procurement. www.oasis-open.org
Media Inquiries
[email protected]
Carol Geyer
OASIS Open
+1 941-284-0403
email us here
