[ISN] RFI aims at security info sharing

From: InfoSec News (isnat_private)
Date: Wed Feb 05 2003 - 22:19:16 PST

Next message: InfoSec News: "[ISN] Security UPDATE, February 5, 2003"

Previous message: InfoSec News: "[ISN] FC: Richard Clarke misstates Canadian elections cancelled? (fwd)"
Next in thread: InfoSec News: "Re: [ISN] RFI aims at security info sharing"
Reply: InfoSec News: "Re: [ISN] RFI aims at security info sharing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.fcw.com/fcw/articles/2003/0203/web-fedcirc-02-05-03.asp

By Diane Frank 
Feb. 5, 2003

The Federal Computer Incident Response Center today released a call
for industry participation in an effort to develop common standards
for exchanging security incident information.

The request for information (RFI) stresses that compliance with such
standards likely will become a requirement to qualify for future
federal security purchases.

For some time, FedCIRC has been working with the CERT Coordination
Center (CERT/CC) on the Data Analysis Capability (DAC), a solution
that will allow FedCIRC to analyze and correlate incident information
across government. The idea is that as more agencies share
information, the better the overall management of security incidents
will be.

Several agencies have helped test the DAC and work through policy
issues surrounding data sharing among agencies, but technologically,
agencies face difficulty in combining information from proprietary
commercial security systems.

The request for information asks industry to work with the CERT/CC and
the Internet Engineering Task Force on the two standards under
development: The Intrusion Detection Message Exchange Format and the
Incident Object Description and Exchange Format. These standards are
independent of the DAC but are the most relevant to the government's
needs.

Industry involvement in the standards will become even more important
down the line. "We expect that compliance with the DAC architecture is
likely to become a requirement for future acquisition of
security-related products by federal civilian agencies," the RFI
states.

As more and more agencies purchase commercial intrusion detection and
management systems, such a requirement could have big implications in
the security market, the RFI points out.

A second pilot test of the DAC is planned for spring 2003, and FedCIRC
is encouraging vendors that can make their solutions DAC-compliant by
that time to participate.

Responses to the RFI are due via e-mail to FedCIRC by Feb. 28 at
dac-rfiat_private
 
 

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Security UPDATE, February 5, 2003"
Previous message: InfoSec News: "[ISN] FC: Richard Clarke misstates Canadian elections cancelled? (fwd)"
Next in thread: InfoSec News: "Re: [ISN] RFI aims at security info sharing"
Reply: InfoSec News: "Re: [ISN] RFI aims at security info sharing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 06 2003 - 01:33:23 PST