NIAP certification becoming a priority
The government's plan to pressure software vendors to build more secure products seems to be gathering a bit of momentum. A major part of the National Strategy to Secure Cyberspace, the idea involves using market pressures and the government's purchasing power to influence vendors' development practices.
An important component of this plan is the National Information Assurance Partnership's Common Criteria testing program, which validates the security and reliability of a given product. The program is a partnership between the National Security Agency and the National Institute of Standards and Technology. NIAP has been around for a while, but until some government agencies began purchasing only NIAP-certified products whenever possible, it hadn't been a priority for many vendors.
[ Read more ]