Feds unite on security benchmarks

Thursday, 18 December 2003, 12:45 PM EST

A group of high-level IT officials in the federal government has begun collaborating on configuration benchmarks that government agencies could be required to use in future purchases of hardware and software.

The development of the benchmarks is at once an indication of the growing importance of security in Washington and of the government's intention to use its purchasing power as an agent of change inside the Beltway and in the vendor community.

"Yes, I believe the government is getting better at this," said Alan Paller, research director at The SANS Institute, based in Bethesda, Md., who has spoken with many of the federal CIOs involved in this effort. "This doesn't solve the entire problem, but it helps going forward. I believe a great deal of money was thrown away on reports that could've been spent on solving the problem."

The move comes at a time of heavy criticism of the government's security efforts, much of it tied to last week's release of an annual report card from the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census on the security of federal agencies' networks.

[ Read more ]




Spotlight

Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 3rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //