The Evolution of Open Security—Beyond Open Standards, What is needed to Make Open, Distributed Cybersecurity Systems Architecture a Reality? (S20c)
We must go beyond stating that there should be standards or that standards are needed in order to achieve open cybersecurity. This much is obvious. There are many open standards in existence today and certainly no shortage of open source cybersecurity technologies. Two years after launching the Open Cybersecurity Alliance, we have made significant progress in education and growing mindshare around the importance of cybersecury interoperability, but there is still much to be done. Due to lack of incentives, many cybersecurity vendors still launch products without enough investigation into open standards. Simultaneously, new alliances are being formed that promote vertically-integrated proprietary stacks. In order to effectively combat today’s threats, design rules and data standards that heterogenous security solutions can easily implement, created from rough concensus under open governance, is where we need to move as an industry.