Cyber Threat Analysis in Complex Adaptive Systems
The use of wartime analogies in cybersecurity is common in our industry. Sun Tzu is often quoted in presentations and papers to emphasize an author’s key point. I will spare…
Executive Director for OASIS Named
Search Process Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Common Security Advisory Framework 2.0
OASIS is pleased to announce that Common Security Advisory Framework Version 2.0 from the OASIS Common Security Advisory Framework (CSAF) TC [1] has been approved as an OASIS Committee Specification.…
STIX2.1 & TAXII2.1 Finalized
The leading standards for representing and sharing cyberthreat intelligence are now OASIS Standards, publicly available for download and implementation. OASIS Members and all interested parties, OASIS is pleased to announce…
PART 3: A Third Sphere Model
Sitting at a National War College event in Colorado Springs recently, attending a forum of thought leaders addressing a Public-Private Partnership model for cyber resilience and national preparedness, there was…
PART 2: Fix the Cyber Market Disfunction
In Part 1, I asserted that the reverse market forces at play in the cyber landscape (i.e., unchecked monetization of cybercrime) would lead to a destabilized world unless structural changes…
PART 1: Existential Cyber Threats and the Risk of a Destabilized World
The cyber landscape presents an existential risk to the West! In labeling the cyber threat existential, my underlying premise must be stated: without structural change, former NSA Director General Alexander’s…
An Asymmetric Cyber Strategy
Iran is no stranger to propaganda. The Islamic Republic owes its existence in part to the distribution of cassette tapes with the recorded speeches of Ayatollah Khomeini. These were smuggled…
STIX2.1 Public Review Now Open
The specifications, defining a free, open language for describing and exchanging cyber threat intelligence, enters the 60-day public review that precedes the call for consent as an OASIS Standard. OASIS…
Monero Mining Worm – At Scale
Beginninng in mid-December, 2020 a threat actor group launched a wide-spread attack targeting Linux and Windows operating systems by dropping an XMRig Miner on targeted sites. An analysis of the…
Free Online Courses
CTIN’s Training Center is offering a selection of free online courses on STIX 2.1. Visit our Training Center and take advantage of this focused and informative content: Threat Analysis Frameworks…