[ISN] RFI aims at security info sharing

From: InfoSec News (isnat_private)
Date: Wed Feb 05 2003 - 22:19:16 PST

  • Next message: InfoSec News: "[ISN] Security UPDATE, February 5, 2003"

    By Diane Frank 
    Feb. 5, 2003
    The Federal Computer Incident Response Center today released a call
    for industry participation in an effort to develop common standards
    for exchanging security incident information.
    The request for information (RFI) stresses that compliance with such
    standards likely will become a requirement to qualify for future
    federal security purchases.
    For some time, FedCIRC has been working with the CERT Coordination
    Center (CERT/CC) on the Data Analysis Capability (DAC), a solution
    that will allow FedCIRC to analyze and correlate incident information
    across government. The idea is that as more agencies share
    information, the better the overall management of security incidents
    will be.
    Several agencies have helped test the DAC and work through policy
    issues surrounding data sharing among agencies, but technologically,
    agencies face difficulty in combining information from proprietary
    commercial security systems.
    The request for information asks industry to work with the CERT/CC and
    the Internet Engineering Task Force on the two standards under
    development: The Intrusion Detection Message Exchange Format and the
    Incident Object Description and Exchange Format. These standards are
    independent of the DAC but are the most relevant to the government's
    Industry involvement in the standards will become even more important
    down the line. "We expect that compliance with the DAC architecture is
    likely to become a requirement for future acquisition of
    security-related products by federal civilian agencies," the RFI
    As more and more agencies purchase commercial intrusion detection and
    management systems, such a requirement could have big implications in
    the security market, the RFI points out.
    A second pilot test of the DAC is planned for spring 2003, and FedCIRC
    is encouraging vendors that can make their solutions DAC-compliant by
    that time to participate.
    Responses to the RFI are due via e-mail to FedCIRC by Feb. 28 at
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Thu Feb 06 2003 - 01:33:23 PST