Security group benchmarking Solaris

Center for Internet Security

A new collaborative security organization is preparing to release the first in a wave of security benchmarks for commercial products widely used in government, industry and academia.

The Center for Internet Security is a nonprofit organization composed of more than 80 members from government agencies, law enforcement, academia and industry. It plans to provide internationally agreed-upon technical benchmarks and certifications, said Clint Kreitner, chief executive officer of the center.

The organization will release a benchmark for Sun Microsystems Inc.'s Solaris operating system before the end of the year.

Other benchmarking efforts include:

    * The Institute for Security Studies at Dartmouth College is developing a benchmark for the Linux operating system.

    * The National Security Agency will soon come out with an initial benchmark for Microsoft Corp.'s Windows 2000.

The CIS is based on the idea "that only through effective, systematic, collective action do we have any hope" of combating security threats, Kreitner said. "We cannot ignore the common good in the pursuit of self-interest."

Franklin Reeder, chairman of the center, added that "the role of the center will not be to develop tools, but to certify tools."

Whether this certification will be similar to the "Consumer Reports" model or more like the Underwriters Laboratories Inc. model is still under consideration, but the center will partner with and build on work done by organizations such as NSA, the National Institute of Standards and Technology and the Common Vulnerabilities and Exposures project led by Mitre Corp., Kreitner said.

Federal members of the center include NIST, NASA, the Dahlgren Naval Surface Warfare Center, the Defense Department's Computer Emergency Response Team and the Treasury Department's Financial Management Service. Other government participants include the Washington State Department of Health, the Canadian Communications Security Establishment and the Royal Canadian Mounted Police.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.