RealNews

Federal agencies tackle software security

Five federal agencies, led by the U.S. Department of Energy, plan to discuss a new set of government contracting practices that hold software makers accountable for making their products more resistant to viruses and hackers. The Department of Energy on Tuesday will show off a “model contract” it signed “that demonstrates a new way for government to purchase software with security built in, enabling and requiring vendors to take more responsibility for both delivering less vulnerable systems and keeping them that way,” according to a press release from the Center for Internet Security (CIS). CIS, a nonprofit in Hershey, Penn., that advises members on computer security, is assisting the government in its quest for intruder-proof software. The center is organizing Tuesday’s meeting at the JW Marriott Hotel in Washington, D.C. The government effort could lead to improvements in computer security for all consumers of information technology, said Alan Paller, research director at the SANS (SysAdmin, Audit, Network, Security) Institute. “The government is going to use its procurement power to change the way vendors deliver their software,” he said. The SANS Institute, an information security research and training firm, works closely with CIS. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.