2023: An international standard for the exchange of information on cyber threats in communication networks has been developed
On August 25, 2023, it became known that the International Telecommunication Union (ITU) will discuss the possibility of using the STIX language to exchange information about cyber threats in communication networks as a new industry standard.
STIX, or Structured Threat Information Expression, enables organizations to analyze and share network threat data with trusted partners and communities. You can search for data using any cyber intrusion template, action plan, identifier, indicator, malicious code, report, vulnerability, and other parameters. STIX is supported by the non-profit OASIS standardization consortium, whose members include companies such as, IBM,,, and Microsoft Google, Cisco Adobe as well as structures Ministry of Defence and other departments. USA
According to RBC, ITU experts presented for discussion draft recommendations on the use of STIX version 2.1 as an international standard. However, no agreement has been reached as of August 2023. In particular, the position of the Russian Federation has not been determined: some representatives of the Russian authorities reacted negatively to STIX due to the fact that the standard was developed with the support of the United States. Moreover, it is said that the use of this language may violate Russian law in terms of maintaining the work of critical information infrastructure. The fact is that the owners of such facilities cannot exchange information about cyber attacks with organizations from other countries. They should interact only with the Russian National Coordination Center for Computer Incidents (NCCCI).
Russian experts are divided on the use of STIX. On the one hand, the initiative will facilitate integration and greatly simplify the exchange of information about cyber threats. On the other hand, it can make it more difficult for those who support a different data structure format.
 | STIX is good for building complex analytics on hacker groups. Most companies do not need this: the main thing is to see and repel the attack, and who broke it for what purpose is no longer so interesting, - said the representative of RTK-Solar[1] |  |
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |