From: InfoSec News (isnc4i.org)
Date: Tue Apr 20 2004 - 02:33:01 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.fcw.com/fcw/articles/2004/0419/web-ncsp-04-19-04.asp

By Florence Olsen
April 19, 2004

A cybersecurity task force recommended improvements today to a variety
of technical standards and practices.

Organized by the National Cyber Security Partnership, the task force
issued a 104-page report with recommendations for the federal
government and industry [1]. The report is the last of five documents
prepared by industry and academic experts on the President's National
Strategy to Secure Cyberspace, a general blueprint for improving the
nation's cybersecurity readiness.

The task force members called for what they said were needed
improvements to the consumer- and vendor-oriented software security
testing program operated by the National Institute of Standards and
Technology and the National Security Agency.

The report recommends that NIST receive an initial $12 million in new
appropriations and $6 million in following years for developing
security requirements for specific classes of products such as
intrusion-detection systems and virtual private networks.

Other steps outlined in the report include making vendors responsible
for shipping software products with more of their security features
enabled and having the federal government mandate
software-vulnerability analysis as a condition of procurement. The
group also recommended that industry groups work together to develop a
well-defined set of technical standards for designing secure IP
networks.

Leaders of the Technical Standards and Common Criteria Task Force were
Mary Ann Davidson of Oracle Corp., Chris Klaus of Internet Security
Systems Inc. and Edward Roback of NIST.

[1] http://www.cyberpartnership.org/TF4TechReport.pdf

_________________________________________
ISN mailing list
Sponsored by: OSVDB.org

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]