The UK's National Cyber Security Centre (NCSC) has collaborated with industry experts to author an IETF RFC called Indicators of compromise (IoCs) and their role in attack defence (RFC9424). This document provides valuable information on IoCs, including their lifecycle [1], the “pyramid of pain” concept [1], real examples of their use [1], and considerations for their implementation [1]. It aims to educate those working at the IETF on the importance of IoCs in cybersecurity [1].

Description

The NCSC [1] [2], in collaboration with industry experts [1] [2], including its CTO [1], Ollie Whitehouse [1], has authored an IETF RFC titled Indicators of compromise (IoCs) and their role in attack defence (RFC9424) [2]. This document, the first one authored by the NCSC in the IETF [2], offers comprehensive insights into IoCs. It covers various aspects such as their lifecycle, the “pyramid of pain” concept [1], real examples of their use [1], and considerations for their implementation [1]. The development of this document spanned over three years [2], and it is widely regarded as a significant reference for internet protocol designers and the wider community [2].

Additionally, the NCSC is actively involved in shaping the future of the internet and promoting participation in the design process. As part of these efforts [1], they are working on new terminology for post-quantum cryptography in internet protocols [1].

Conclusion

The collaboration between the NCSC and industry experts has resulted in the creation of an authoritative and informative document on IoCs. This resource not only educates those working at the IETF on the importance of IoCs in cybersecurity but also serves as a valuable reference for internet protocol designers and the wider community. Furthermore, the NCSC's ongoing work on new terminology for post-quantum cryptography highlights their commitment to shaping the future of the internet and promoting involvement in the design process.

References

[1] https://www.infosecurity-magazine.com/news/ncsc-standard-indicators-of/
[2] https://www.redpacketsecurity.com/an-rfc-on-iocs-playing-our-part-in-international-standards/