UPDATED 17:00 EST / JANUARY 25 2023

Patrick Coughlin, Splunk Inc. - reInvent 2022 SECURITY

Standardizing cybersecurity: Open Cybersecurity Schema Framework helps build cyber resiliency

Open source is a definite value-add, but disparities exist in the creation and execution of its governing security standards.

To address this, Splunk Inc. and Amazon Web Services Inc., alongside many other vendors, have worked together to create the Open Cybersecurity Schema Framework, a set of common rules governing the handling of cybersecurity events.

“The real challenge that OCSF helps to solve is effectively detect and respond at the speed at which attackers are demanding today,” said Patrick Coughlin (pictured), vice president of strategy and specialization at Splunk. “We have to normalize data across this entire landscape of tools, infrastructures and services. We have to have integration to have visibility, and these tools have to work together.”

Coughlin spoke with theCUBE industry analyst John Furrier at the recent AWS re:Invent conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the collective steps being taken to standardize approaches to cybersecurity within open-source and cloud-native environments. (* Disclosure below.)

Solving the integration problem

While companies can’t be blamed for harnessing multiple tools simultaneously for various operations, this practice has become a major stumbling block to standardizing cybersecurity. OCSF is an initiative that, in essence, takes the burden of systems integration away from end users and customers, according to Coughlin.

“Over 50 different organizations, cloud service providers and solution providers in the cybersecurity space have come together and said, ‘Let’s decide on a single, unified schema for how we’re going to represent event data in this industry.’ And I’m very proud to be here today to say that we’ve launched it, and I can’t wait to see where we go next,” he stated.

Enterprises often adopt a thoroughly siloed approach across their developer, IT and security operations, even though the data from one is inextricably linked to the others. Splunk’s approach views data and overarching data visibility as essential to the security and cyber resiliency problem, according to Coughlin.

“One of the things that we do often is help connect the dots for our customers and bring our customers together across the silos they may have internally so that they can start to see a holistic picture of what resilience means for their enterprise and how they can drive faster detection outcomes and more automation coverage,” he explained.

(* Disclosure: Splunk Inc. sponsored this segment of theCUBE. Neither Splunk nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE
