{"id":5058,"date":"2022-09-13T15:45:33","date_gmt":"2022-09-13T19:45:33","guid":{"rendered":"https:\/\/solutionsreview.com\/endpoint-security\/?p=5058"},"modified":"2022-09-13T15:47:55","modified_gmt":"2022-09-13T19:47:55","slug":"open-cybersecurity-schema-framework-and-the-long-road-ahead","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/","title":{"rendered":"Open Cybersecurity Schema Framework and the Long Road Ahead"},"content":{"rendered":"<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-5059\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg\" alt=\"OCSF\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg 800w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead-300x150.jpg 300w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead-768x384.jpg 768w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead-540x270.jpg 540w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead-162x81.jpg 162w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify;\"><em><strong>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014 Steve Benton of <a href=\"https:\/\/anomali.com\" target=\"_blank\" rel=\"noopener\">Anomali<\/a> warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security.<\/strong><\/em><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-4938\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/06\/SR-Premium-Content.gif\" alt=\"Premium Content\" width=\"105\" height=\"110\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/06\/SR-Premium-Content.gif 105w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/06\/SR-Premium-Content-77x81.gif 77w\" sizes=\"(max-width: 105px) 100vw, 105px\" \/>For too many years, security vendors have brought products and services to market that were difficult \u2013 sometimes even impossible \u2013 to integrate, leaving IT teams to scramble as they tried to interpret alerts about potential cyber threats. But the recent announcement of a new open data standard for sharing cybersecurity information called Open Cybersecurity Schema Framework (OCSF) promises a change for the better. Once OCSF is put into practice, hard-pressed SOC teams will be able to act on notifications from different cybersecurity monitoring with far more precision and speed. Essentially, OCSF is trying to take the irritation away from the SOC teams of having to do the heavy lifting of integration.<\/p>\n<p style=\"text-align: justify;\">Previously, SOC teams, or vendors of SIEM-style technologies, would have had to stitch together a patchwork fabric with pieces of source event data, a fragmented approach that also let threat actors hide and benefit from gaps or delay in detection. The beauty of having data about potential hacking activity in one format means that internal teams will be able to recognize attacks earlier, as they will no longer be forced to operate several dashboards to monitor multiple events. Instead, they will be able to compile and standardize alerts and rapidly vet incoming data to determine the next steps.<\/p>\n<p style=\"text-align: justify;\">While OCSF marks a good beginning, more still needs to happen.<\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"#\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/free-endpoint-protection-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2019\/01\/endpoint-security-speedbump-cta.jpg\" alt=\"Download Link to Endpoint Security Buyer's Guide\" width=\"800\" height=\"225\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/span><\/p>\n<h2 style=\"text-align: justify;\"><strong>OCSF and the Long Road Ahead<\/strong><\/h2>\n<hr \/>\n<h3 style=\"text-align: justify;\"><strong>\u2018Holy Grail\u2019 Remains Elusive<\/strong><\/h3>\n<p style=\"text-align: justify;\">OCSF must go further to address the challenges facing already overworked SOC teams. The fact remains that many security teams will find themselves overwhelmed as they try to manage this new, wider net of detection data.<\/p>\n<p style=\"text-align: justify;\">The holy grail of \u2018one screen\u2019 &#8211; the very idea we are looking to move to with XDR &#8211; will still not exist. Even though OCSF unifies security events, it still does not unify the execution and coordination of security controls. So, as they respond to the broader event alerts OCSF enables, organizations will still have to go full \u2018swivel chair\u2019 mode, screen to screen, with different data and information. They\u2019re already working full bore to get an accurate handle on data, separating real threats from false positives.<\/p>\n<p style=\"text-align: justify;\">During this interregnum, SOC teams will likely find themselves forced to exist in two worlds \u2013the pre-OCSF and post-OCSF &#8211; while the new standard gains adoption across their security ecosystem. This will chew up more time as they figure out how to manage a migration journey while still maintaining their security posture to respond to events effectively.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Missing Features<\/strong><\/h3>\n<p style=\"text-align: justify;\">OCSF is a standard for delivering data to the customer&#8217;s environment, but there&#8217;s no magic super data lake to tap into here. The consortium isn\u2019t building an infrastructure to hold this telemetry. They&#8217;re creating a standard that standardizes the structures of the telemetry.<\/p>\n<p style=\"text-align: justify;\">While that\u2019s welcome news, the standard is missing guidance for MITRE ATT&amp;CK integration\/linkage, a puzzling omission. As all SOC and CTI teams know, MITRE ATT&amp;CK is hugely beneficial to our understanding of threats and attacks. The MITRE ATT&amp;CK is the centerpiece of everything from threat intelligence all the way through to incidents. Most good organizations with a strong security team are heavy users of MITRE ATT&amp;CK because it is so fundamental in understanding and codifying what&#8217;s happening.<\/p>\n<p style=\"text-align: justify;\">No doubt the standard will, in time, evolve to allow the analysis of a wider and deeper range of security issues as teams accumulate a back history of OCSF events. The key to channeling the priorities remains threat intelligence to know where to look and for what.<\/p>\n<p style=\"text-align: justify;\">It\u2019s still unclear how soon we\u2019ll see available OCSF feeds from the security vendors. This essentially will mean taking the native events data from the source, mapping it to the OCSF schema, and making it available as an OCSF feed. Indeed, this may be the initial approach from vendors themselves as they rush to release \u2018OCSF compliant\u2019 products.<\/p>\n<p style=\"text-align: justify;\">That raises questions on (a) the processing overheads this might place on tools\/sensors and (b) the integrity of the OCSF feed compared to the native events from which they are derived. It will surely be some time before tools and sensors produce OCSF events fully natively. And for some time, tools and sensors will have to continue to provide their current events feeds alongside OCSF as organizations migrate and adopt OCSF.<\/p>\n<p style=\"text-align: justify;\">It\u2019s all part of a longer contest, a crucial long game that requires persistence and true commitment. As a history buff, I recall what Winston Churchill famously said in 1942, after the UK won a significant victory at El Alamein. That looked to have finally reversed a demoralizing trend of defeats from Dunkirk to Singapore. But Churchill knew there was still a great deal to be done against a determined adversary.<\/p>\n<p style=\"text-align: justify;\">\u201cThis is not the end,\u201d Churchill cautioned, during a much celebrated 1942, address. \u201cIt is not even the beginning of the end. But it is, perhaps, the end of the beginning.\u201d<\/p>\n<p style=\"text-align: justify;\">As we look for new ways to improve our odds in the ongoing battle against cyber marauders, it\u2019s a valuable lesson to keep in mind. And, remember what came afterward: A coalition of allies that worked together, persisted, turned the tide, and ultimately secured a lasting victory.<\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"#\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/free-endpoint-protection-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2019\/01\/endpoint-security-speedbump-cta.jpg\" alt=\"Download Link to Endpoint Security Buyer's Guide\" width=\"800\" height=\"225\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014 Steve Benton of Anomali warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security. For too many years, security vendors [&hellip;]<\/p>\n","protected":false},"author":311,"featured_media":5059,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2,335],"tags":[1681,1148,75,1314,161,1679,1678,1680,154,379],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Open Cybersecurity Schema Framework and the Long Road Ahead<\/title>\n<meta name=\"description\" content=\"Steve Benton of Anomali warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Open Cybersecurity Schema Framework and the Long Road Ahead\" \/>\n<meta property=\"og:description\" content=\"Steve Benton of Anomali warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/\" \/>\n<meta property=\"og:site_name\" content=\"Endpoint Security &amp; Protection Platforms | Solutions Review\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/solutionsreview\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-13T19:45:33+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-13T19:47:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Steve Benton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:site\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Steve Benton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/\"},\"author\":{\"name\":\"Steve Benton\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/0b6e391f6b91a65af8af8f10967143c7\"},\"headline\":\"Open Cybersecurity Schema Framework and the Long Road Ahead\",\"datePublished\":\"2022-09-13T19:45:33+00:00\",\"dateModified\":\"2022-09-13T19:47:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/\"},\"wordCount\":944,\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg\",\"keywords\":[\"Anomali\",\"Cyber-Attacks\",\"Cybersecurity\",\"Data Breach\",\"Infosec\",\"OCSF\",\"Open Cybersecurity Schema Framework\",\"security operations center\",\"SIEM\",\"SOC\"],\"articleSection\":[\"Best Practices\",\"Featured\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/\",\"name\":\"Open Cybersecurity Schema Framework and the Long Road Ahead\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg\",\"datePublished\":\"2022-09-13T19:45:33+00:00\",\"dateModified\":\"2022-09-13T19:47:55+00:00\",\"description\":\"Steve Benton of Anomali warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg\",\"width\":800,\"height\":400,\"caption\":\"OCSF\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/endpoint-security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Open Cybersecurity Schema Framework and the Long Road Ahead\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"name\":\"Endpoint Security &amp; Protection Platforms | Solutions Review\",\"description\":\"Evaluating Enterprise EPP Software, Next-Gen Antivirus &amp; EDR Solutions.\",\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\",\"name\":\"Solutions Review\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"width\":200,\"height\":200,\"caption\":\"Solutions Review\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/solutionsreview\",\"https:\/\/x.com\/InfoSec_Review\",\"https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review\",\"https:\/\/www.youtube.com\/user\/SolutionsReview\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/0b6e391f6b91a65af8af8f10967143c7\",\"name\":\"Steve Benton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/12\/SteveBenton-scaled.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/12\/SteveBenton-scaled.jpg\",\"caption\":\"Steve Benton\"},\"description\":\"Steve Benton is Vice President of Threat Research and General Manager Belfast at Anomali. His experience in cybersecurity spans three decades including 18 years at BT, one of the world\u2019s leading communications companies, where he served as Deputy CISO and CSO. An industry security expert, he\u2019s a contributing member of the Cyber Defenders Council, Fellow of the Chartered Institute of Information Security and advisor to the i4 C level community.\",\"sameAs\":[\"https:\/\/www.anomali.com\/\"],\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/author\/sbenton1\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Open Cybersecurity Schema Framework and the Long Road Ahead","description":"Steve Benton of Anomali warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/","og_locale":"en_US","og_type":"article","og_title":"Open Cybersecurity Schema Framework and the Long Road Ahead","og_description":"Steve Benton of Anomali warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security.","og_url":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/","og_site_name":"Endpoint Security &amp; Protection Platforms | Solutions Review","article_publisher":"https:\/\/www.facebook.com\/solutionsreview","article_published_time":"2022-09-13T19:45:33+00:00","article_modified_time":"2022-09-13T19:47:55+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg","type":"image\/jpeg"}],"author":"Steve Benton","twitter_card":"summary_large_image","twitter_creator":"@InfoSec_Review","twitter_site":"@InfoSec_Review","twitter_misc":{"Written by":"Steve Benton","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#article","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/"},"author":{"name":"Steve Benton","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/0b6e391f6b91a65af8af8f10967143c7"},"headline":"Open Cybersecurity Schema Framework and the Long Road Ahead","datePublished":"2022-09-13T19:45:33+00:00","dateModified":"2022-09-13T19:47:55+00:00","mainEntityOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/"},"wordCount":944,"publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg","keywords":["Anomali","Cyber-Attacks","Cybersecurity","Data Breach","Infosec","OCSF","Open Cybersecurity Schema Framework","security operations center","SIEM","SOC"],"articleSection":["Best Practices","Featured"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/","name":"Open Cybersecurity Schema Framework and the Long Road Ahead","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg","datePublished":"2022-09-13T19:45:33+00:00","dateModified":"2022-09-13T19:47:55+00:00","description":"Steve Benton of Anomali warns us that while OCSF is a great start, IT teams still have a long road ahead of them in the effort to streamline security.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#primaryimage","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2022\/09\/Open-Cybersecurity-Schema-Framework-and-the-Long-Road-Ahead.jpg","width":800,"height":400,"caption":"OCSF"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/endpoint-security\/open-cybersecurity-schema-framework-and-the-long-road-ahead\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/endpoint-security\/"},{"@type":"ListItem","position":2,"name":"Open Cybersecurity Schema Framework and the Long Road Ahead"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website","url":"https:\/\/solutionsreview.com\/endpoint-security\/","name":"Endpoint Security &amp; Protection Platforms | Solutions Review","description":"Evaluating Enterprise EPP Software, Next-Gen Antivirus &amp; EDR Solutions.","publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization","name":"Solutions Review","url":"https:\/\/solutionsreview.com\/endpoint-security\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","width":200,"height":200,"caption":"Solutions Review"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/solutionsreview","https:\/\/x.com\/InfoSec_Review","https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review","https:\/\/www.youtube.com\/user\/SolutionsReview"]},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/0b6e391f6b91a65af8af8f10967143c7","name":"Steve Benton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/12\/SteveBenton-scaled.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/12\/SteveBenton-scaled.jpg","caption":"Steve Benton"},"description":"Steve Benton is Vice President of Threat Research and General Manager Belfast at Anomali. His experience in cybersecurity spans three decades including 18 years at BT, one of the world\u2019s leading communications companies, where he served as Deputy CISO and CSO. An industry security expert, he\u2019s a contributing member of the Cyber Defenders Council, Fellow of the Chartered Institute of Information Security and advisor to the i4 C level community.","sameAs":["https:\/\/www.anomali.com\/"],"url":"https:\/\/solutionsreview.com\/endpoint-security\/author\/sbenton1\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/5058"}],"collection":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/users\/311"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/comments?post=5058"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/5058\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media\/5059"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media?parent=5058"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/categories?post=5058"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/tags?post=5058"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}