Last part of security strategy released

Technical Standards and Common Criteria Task Force

Related Links

A cybersecurity task force recommended improvements today to a variety of technical standards and practices.

Organized by the National Cyber Security Partnership, the task force issued a 104-page report with recommendations for the federal government and industry. The report is the last of five documents prepared by industry and academic experts on the President's National Strategy to Secure Cyberspace, a general blueprint for improving the nation's cybersecurity readiness.

The task force members called for what they said were needed improvements to the consumer- and vendor-oriented software security testing program operated by the National Institute of Standards and Technology and the National Security Agency.

The report recommends that NIST receive an initial $12 million in new appropriations and $6 million in following years for developing security requirements for specific classes of products such as intrusion-detection systems and virtual private networks.

Other steps outlined in the report include making vendors responsible for shipping software products with more of their security features enabled and having the federal government mandate software-vulnerability analysis as a condition of procurement. The group also recommended that industry groups work together to develop a well-defined set of technical standards for designing secure IP networks.

Leaders of the Technical Standards and Common Criteria Task Force were Mary Ann Davidson of Oracle Corp., Chris Klaus of Internet Security Systems Inc. and Edward Roback of NIST.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.