Open Security Exchange Executive Summary
The Open Security Exchange
Corporate risk exposure. Security. Privacy. In recent years, these concepts have had global impact on the way organizations operate. In the private and public sectors, time-to-market considerations and customer expectations are driving the adoption of new business models and enabling technologies. End users, customers and partners are now trusted with access to organizational assets and systems. And at the same time, regulatory requirements have created additional areas of concern. Additionally, the lack of technical integration between physical and IT security systems has resulted in organizational and procedural gaps for virtually all organizations worldwide — often leaving organizations vulnerable to attacks and unable to consistently implement security policies. Today, organizations need to mitigate risk and regain full control of their security management by optimizing their enterprise security resources.
The Open Security Exchange was created to address today’s most significant security challenge — the lack of integration between various components of the security infrastructure. The Open Security Exchange is a cross-industry forum dedicated to delivering vendor-neutral interoperability specifications and best practices guidelines in the area of security management. This enables organizations to more efficiently mitigate risk, optimize their security postures and enforce privacy policies.
The Open Security Exchange combines the disparate technologies that form today’s security infrastructures, allowing for optimal security and operational efficiencies while respecting organization-specific operational requirements. Effective security management will result in: accurate detection of threats and attacks; consistent definition and enforcement of security policies; and enhanced organizational collaboration.
The Open Security Exchange helps provide effective security management by:
- Supporting all the technologies that comprise an organization’s security infrastructure. For example, the Open Security Exchange promotes the convergence of physical and IT security.
- Enabling organizations in the private and public sectors to maximize organizational security while achieving optimal organizational efficiency. The Open Security Exchange promotes realistic specifications to address all types of security challenges.
- Allowing organizations to adopt best practices security policies and procedures. This helps reduce the occurrence of organizational security incidents, and contributes to consumer confidence with online transactions and eCommerce.
The Open Security Exchange is committed to developing technical interoperability specifications and promoting these as standards with industry groups for wide acceptance among users, technology providers and systems integrators. As a result: