Decoding the Lessons of Slammer

A viral one-two punch, the Code Red and Nimda worms, convinced Microsoft in mid-2001 that security needed to become its top priority. That decision led directly to the creation of the company’s Trustworthy Computing initiative. Company Chairman Bill Gates laid the groundwork for the program with an ambitious memo in January 2002 to employees, challenging them to improve the privacy and security of Microsoft software. The company subsequently halted much of its product development while about 8,500 developers were trained in secure programming and then reviewed the majority of the Windows code for security errors. Microsoft says the entire effort cost some $100 million. But hackers continue to find holes in Microsoft’s defense. In January, the Slammer worm hit. This time, not only did customers get infected; Microsoft did, too. Mike Nash, vice president of the security business unit at Microsoft, is the executive responsible for the security component of the Trustworthy Computing push. CNET News.com recently spoke with Nash about the effect of the Slammer worm on the Trustworthy Computing initiative and where Microsoft expects to take its security program in its second year.

OODA Analyst
