Global standards body OASIS recently approved STIX and TAXII, two popular open source projects that automate threat-intelligence sharing, as full-fledged standards.
The standards, a long time in the making, are a big deal, and they should be a big, bright sign for cybersecurity vendors and organizations that, if they haven't already, now is the time to jump on board the open source security train.
It’s a big deal for a couple of reasons.
First, as we continue seeing some of the worst-ever cyberattacks hit organizations on a weekly, if not daily, basis, it’s pretty obvious that defenders need to get better at sharing threat intel.
“Almost invariably, there are at least some elements of these attacks, which were well understood — in many cases years earlier,” said Richard Struse, a member of the OASIS board of directors and one of the original developers of STIX. He’s now the director of MITRE Engenuity’s Center for Threat-Informed Defense.
Better intelligence sharing can help protect all of our networks, and using a shared, open standard for this ensures that we’re all on the same page about potential threats.
Additionally, as Trey Darley, who co-chairs the OASIS Cyber Threat Intelligence technical committee with Struse, pointed out, standards can help address the cybersecurity skills shortage.
“We’re at this critical juncture where cyberattacks are becoming so disruptive to our way of life, our society, and critical infrastructure underpinning our economies, our democracies,” said Darley, a systems and security architect at CERT.be. “We’re close to a tipping point where things are getting more and more out of hand. We can’t just throw money at [the] population and increase by 10x the number of qualified, highly skilled cybersecurity defenders.”
These standards, he added, “will have significant impacts on integrations between different security products.”
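To make concrete what "a shared, open standard" and "integrations between different security products" mean in practice, here is an added example, not code from the article, from OASIS, or from any of the vendors named: one side builds STIX 2.1 Indicator objects and packages them the way a TAXII 2.1 collection returns them (a JSON envelope with an `objects` list), and a second, independently written consumer validates each object against the Indicator's required properties from the STIX 2.1 specification before lifting the observable out of the pattern. The domain and IP address are constructed sample values (a reserved `.example` name and a TEST-NET-1 address), and the consumer deliberately understands only the simplest `[type:property = 'value']` pattern shape; it is not a full STIX pattern parser.

```python
"""Produce STIX 2.1 indicators in a TAXII 2.1 envelope and consume them (added example)."""
import json
import re
import uuid
from datetime import datetime, timezone
from typing import Dict, List, Optional

# Required properties of a STIX 2.1 Indicator object, per the STIX 2.1 specification.
INDICATOR_REQUIRED = {
    "type", "spec_version", "id", "created", "modified",
    "pattern", "pattern_type", "valid_from",
}

# STIX identifier: <object-type>--<UUID>
_ID_RE = re.compile(
    r"^[a-z0-9-]+--[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
)
# The one STIX pattern shape this consumer understands: [type:property = 'value']
_SIMPLE_PATTERN_RE = re.compile(r"^\[([a-z0-9-]+):([a-z0-9_.]+)\s*=\s*'([^']*)'\]$")


def stix_timestamp(dt: Optional[datetime] = None) -> str:
    """RFC 3339 UTC timestamp with millisecond precision and a 'Z' suffix, as STIX requires."""
    dt = dt or datetime.now(timezone.utc)
    return dt.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"


def make_indicator(pattern: str, name: str) -> dict:
    """Producer side: build a minimal STIX 2.1 Indicator carrying a STIX pattern."""
    ts = stix_timestamp()
    return {
        "type": "indicator",
        "spec_version": "2.1",
        "id": f"indicator--{uuid.uuid4()}",
        "created": ts,
        "modified": ts,
        "name": name,
        "pattern": pattern,
        "pattern_type": "stix",
        "valid_from": ts,
    }


def make_envelope(objects: List[dict]) -> str:
    """Serialize objects the way a TAXII 2.1 collection's objects endpoint returns them."""
    return json.dumps({"objects": objects})


def validate_indicator(obj: dict) -> List[str]:
    """Return the problems found; an empty list means the object passes these checks."""
    problems = []
    missing = INDICATOR_REQUIRED - obj.keys()
    if missing:
        problems.append(f"missing required properties: {sorted(missing)}")
    if obj.get("type") != "indicator":
        problems.append("type must be 'indicator'")
    if obj.get("spec_version") != "2.1":
        problems.append("spec_version must be '2.1'")
    obj_id = obj.get("id", "")
    if not (_ID_RE.match(obj_id) and obj_id.startswith("indicator--")):
        problems.append("id must look like indicator--<uuid>")
    if obj.get("pattern_type") != "stix":
        problems.append("only pattern_type 'stix' is handled here")
    elif not _SIMPLE_PATTERN_RE.match(obj.get("pattern", "")):
        problems.append("pattern is not a simple [type:property = 'value'] expression")
    return problems


def extract_observables(envelope_json: str) -> Dict[str, List[str]]:
    """Consumer side: parse a TAXII envelope, keep only indicators that validate,
    and collect their pattern values keyed by 'type:property' (e.g. a domain blocklist)."""
    envelope = json.loads(envelope_json)
    found: Dict[str, List[str]] = {}
    for obj in envelope.get("objects", []):
        if obj.get("type") != "indicator" or validate_indicator(obj):
            continue  # skip non-indicators and anything malformed
        sdo_type, prop, value = _SIMPLE_PATTERN_RE.match(obj["pattern"]).groups()
        found.setdefault(f"{sdo_type}:{prop}", []).append(value)
    return found


def demo() -> Dict[str, List[str]]:
    """Round trip: one product publishes, another consumes. Sample values are constructed
    (a reserved .example domain and a TEST-NET-1 address), not real indicators."""
    good_domain = make_indicator("[domain-name:value = 'malicious.example']", "constructed C2 domain")
    good_ip = make_indicator("[ipv4-addr:value = '192.0.2.10']", "constructed scanner address")
    broken = make_indicator("[url:value = 'http://malicious.example/x']", "constructed, incomplete")
    del broken["valid_from"]  # a required property is missing, so the consumer must reject it
    return extract_observables(make_envelope([good_domain, good_ip, broken]))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The point of the round trip is that neither side needs to know anything about the other's product: the producer emits the properties the specification requires, and the consumer rejects what does not conform (the third object, which lacks `valid_from`) instead of guessing. In a real deployment the envelope would come from a TAXII server's collection endpoint over authenticated HTTPS rather than from `make_envelope`.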
For all the talk of openness when it comes to products and services, and despite general agreement that security needs to be simpler, which means fewer products and better interoperability, cybersecurity has lagged behind other technology sectors in adopting open source code and standards for threat intelligence sharing and product integrations.
Arguments in favor of open source aren’t anything new or unique to cybersecurity. In fact, the cost savings, common language, and crowd-sourced contribution benefits essentially apply to any open source project or standard. However, they take on more serious weight as cyberthreats move into the physical world and shut down water treatment plants, gas pipelines, and hospital systems.
“It’s a collective defense, all-boats-rise proposition,” said Doug Cahill, a VP and group director at ESG, in an earlier interview. “We should be sharing threat intelligence because adversaries are putting all customers at risk.”
Meanwhile, attackers don’t have a problem sharing information or even business models. And that collective-minds approach has definitely paid off for the criminals.
The new STIX and TAXII standards, and ongoing work by another OASIS project, the Open Cybersecurity Alliance, are important steps in the right direction. Several leading vendors including Trend Micro, IBM, Avast, and Anomali already use STIX and TAXII. So does the U.S. Cybersecurity and Infrastructure Agency and the Cyber Threat Alliance’s threat-intelligence sharing platform.
“It’s encouraging that we’ve had a couple of major brands partner around standards, but we need more of this,” Cahill said. “We need a critical mass.”
He’s right. As we approach the tipping point that Darley mentioned, we need to speed up our response time to avoid even more catastrophic attacks, and that requires all of the defenders and security tool vendors working together. Let’s hope the momentum continues.