[ISN] Last part of security strategy released

From: InfoSec News (isn@private)
Date: Tue Apr 20 2004 - 00:33:01 PDT

  • Next message: InfoSec News: "[ISN] Will Trade Passwords For Chocolate"

    http://www.fcw.com/fcw/articles/2004/0419/web-ncsp-04-19-04.asp
    
    By Florence Olsen 
    April 19, 2004
    
    A cybersecurity task force recommended improvements today to a variety 
    of technical standards and practices. 
    
    Organized by the National Cyber Security Partnership, the task force 
    issued a 104-page report with recommendations for the federal 
    government and industry [1]. The report is the last of five documents 
    prepared by industry and academic experts on the President's National 
    Strategy to Secure Cyberspace, a general blueprint for improving the 
    nation's cybersecurity readiness.
    
    The task force members called for what they said were needed 
    improvements to the consumer- and vendor-oriented software security 
    testing program operated by the National Institute of Standards and 
    Technology and the National Security Agency.
    
    The report recommends that NIST receive an initial $12 million in new 
    appropriations and $6 million in following years for developing 
    security requirements for specific classes of products such as 
    intrusion-detection systems and virtual private networks.
    
    Other steps outlined in the report include making vendors responsible 
    for shipping software products with more of their security features 
    enabled and having the federal government mandate 
    software-vulnerability analysis as a condition of procurement. The 
    group also recommended that industry groups work together to develop a 
    well-defined set of technical standards for designing secure IP 
    networks.
    
    Leaders of the Technical Standards and Common Criteria Task Force were 
    Mary Ann Davidson of Oracle Corp., Chris Klaus of Internet Security 
    Systems Inc. and Edward Roback of NIST.
    
    [1] http://www.cyberpartnership.org/TF4TechReport.pdf
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Tue Apr 20 2004 - 03:13:20 PDT