Digital Forensics

International Pandemic Contact Tracing Standards Group Formed

The formation of an international pandemic contact tracing standards group was announced yesterday. Designated E4P, it is being established as an open public-private initiative under ETSI to “develop a framework and consistent set of specifications for proximity tracing systems, to enable the development of applications and platforms, and to facilitate international interoperability” that also provide for privacy […]

Cybersecurity Standards Practices as Cyber Threats

One of the most embarrassing and pernicious realities in the world of cybersecurity is the stark reality that some industry cybersecurity standards practices are themselves cyber threats. How so? Most industry and intergovernmental standards bodies serve as means for assembling the constantly evolving collective knowledge of participant experts and package the resulting specifications and best […]

Implementing the Cybersecurity Act of 2015: A Public-Private Specifications Approach

Arguably the most significant cybersecurity development of 2015 was a stunner. On Friday, 18 December 2015 – with everyone leaving on the holidays – the U.S. Congress unexpectedly passed the Cybersecurity Act of 2015 and it was immediately signed by the President. It became the organic law of the United States, including far reaching amendments to the Homeland Security Act of 2002.

ISAO Challenges

Earlier this week on 9 November at a public location outside Washington DC, a U.S. Department of Homeland Security sponsored Initial Public Meeting was held for establishing Information Sharing and Analysis Organization (ISAO) Standards. After some initial speeches by DHS officials, the contractor host of the meeting described the efforts and sought to gather information and ideas from the approximately 50+ attendees.

DFAX – Digital Forensic Analysis eXpression

For some years, we’ve been observing the convergence among the various LI and CYBER realms. A posting yesterday to the hyperactive new OASIS CTI (Cyber Threat Intelligence) Technical Committee list underscores that evolution. It described a surprisingly mature new protocol dubbed DFAX – Digital Forensic Analysis eXpression.