Former Cybersecurity and Infrastructure Director Jen Easterly and UK National Cyber Security Centre Founding Director Ciaran Martin have called on private and public cybersecurity organizations to implement a standardized vendor-neutral threat actor naming scheme that would facilitate improved interoperability, Infosecurity Magazine reports.
Disparate naming schemes have caused confusion that deferred response times, concealed attackers' identity, and mystified the public regarding the threat of such malicious actors, wrote Easterly and Martin in a column on Just Security, a cyber news website. Threat actors have also been glamorized by the current naming conventions, which were also noted by Easterly and Martin to have been more beneficial for marketing instead of accuracy. Such sentiments come weeks after Microsoft and CrowdStrike partnered to harmonize threat actor naming and categorization, which Easterly and Martin commended but noted to still be lacking. "While this collaboration is a helpful start, it will ultimately fall short if it stops at cross-referencing proprietary names rather than fundamentally reforming the way we label and identify adversaries in cyberspace," Easterly and Martin wrote.
Disparate naming schemes have caused confusion that deferred response times, concealed attackers' identity, and mystified the public regarding the threat of such malicious actors, wrote Easterly and Martin in a column on Just Security, a cyber news website. Threat actors have also been glamorized by the current naming conventions, which were also noted by Easterly and Martin to have been more beneficial for marketing instead of accuracy. Such sentiments come weeks after Microsoft and CrowdStrike partnered to harmonize threat actor naming and categorization, which Easterly and Martin commended but noted to still be lacking. "While this collaboration is a helpful start, it will ultimately fall short if it stops at cross-referencing proprietary names rather than fundamentally reforming the way we label and identify adversaries in cyberspace," Easterly and Martin wrote.
