FBI to release computer-security updates
The FBI's National Infrastructure Protection Center and the SysAdmin, Audit, Networking and Security (SANS) Institute, a research and education organization made up of government, corporate and academic experts, will unveil the initiatives Wednesday, exactly two weeks after the Bush Administration released a draft for comment of the National Strategy for Securing Cyberspace.
The SANS-FBI efforts will try to improve how companies deal with the multitude of security flaws software companies announce every week. The focus of the initiatives is on identifying security holes and delivering tools so companies can plug them, a practical approach outlined in the Administration's cybersecurity plan, said Alan Paller, director of research for SANS.
"We have to get rid of the emphasis on threat analysis and work on vulnerability analysis," Paller said. "That's because we can fix the vulnerabilities, but if we wait until the threat is clear, we will be too late."
[ Read more ]