ISAO standards group issues second 'services and capabilities' draft following flap over certification

The group tasked with writing standards for information-sharing organizations has issued a second draft of guidelines for basic “services and capabilities” that an ISAO should offer its members, the first document issued by the group since it yanked a controversial plan for certifying ISAOs in January.

Perhaps most notable in the revised draft is an omission of the Department of Homeland Security's Automated Indicator Sharing system as part of the section on standardized “formats” for sharing cyber-threat intelligence. Comments on...