Feds unite on security benchmarks

Thursday, 18 December 2003, 12:45 PM EST

A group of high-level IT officials in the federal government has begun collaborating on configuration benchmarks that government agencies could be required to use in future purchases of hardware and software.

The development of the benchmarks is at once an indication of the growing importance of security in Washington and of the government's intention to use its purchasing power as an agent of change inside the Beltway and in the vendor community.

"Yes, I believe the government is getting better at this," said Alan Paller, research director at The SANS Institute, based in Bethesda, Md., who has spoken with many of the federal CIOs involved in this effort. "This doesn't solve the entire problem, but it helps going forward. I believe a great deal of money was thrown away on reports that could've been spent on solving the problem."

The move comes at a time of heavy criticism of the government's security efforts, much of it tied to last week's release of an annual report card from the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census on the security of federal agencies' networks.

[ Read more ]




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //