Standards

A quick update regarding the future of FIRST standards.

Instantiating the FIRST Standards Committee

FIRST has long played host to a number of internationally recognized standards such as CVSS and TLP. We also host a number of standards which seem like they ought to be candidates for wider international recognition, e.g. IEP, EPSS, the DNS Abuse Matrix. As a community our approach to supporting standardization efforts has been somewhat ad hoc and best effort to date, but we aim to do better. In September 2021 the FIRST Board passed a motion to establish a standing committee focused on standards. We had a well-attended BoF to kick things off in Montreal, and on the basis of which a tiger team is being established to define the initial charter and operating model of the FIRST Standards Committee.

If you’re interested in helping define the future of FIRST standards, please reach out to standards-info@first.org.

Tracking external standards

As cybersecurity professionals it’s prudent for us to collectively keep tabs on standards impacting our work being developed or recognized by other standards organizations (e.g. IETF, ISO, OASIS, ITU-T). If you know of some draft standards that touch on incident response (or more broadly on the practice of cyber defense) please give us a heads-up at standards-info@first.org so we can make sure that it’s on our collective radar.

Don’t miss the opportunity to review and provide feedback on the draft STIX2 incident-reporting data model

There is a global regulatory trend towards imposing mandatory incident reporting requirements. Here we have a unique opportunity to achieve an internationally recognized definition of a core data model for machine-machine / tool-to-tool interoperability and cover entity-to-regulator incident reporting. We're not trying to boil the ocean, the 80/20 rule is good enough, but we would hate to miss your use cases.

You can familiarize yourself with the current STIX2 Incident draft on Github. (Feel free to make liberal use of the issue tracker!)

That's all for this now, we'll be back with more updates about standards next quarter.

Published on FIRST POST: Jul-Sep 2023