Magazine article Security Management

Businesses Buy into Security

Magazine article Security Management

Businesses Buy into Security

Article excerpt

A government-funded research center and an industry trade alliance are joining forces to help companies get more timely warnings of Internet vulnerabilities. Their initiative is called the Internet Security Alliance (ISA).

The collaboration involves the CERT Coordination Center (CERT/CC), of the Software Engineering Institute (SEI) at Carnegie Mellon University, and the Electronic Industries Alliance (EIA), which represents more than 2,100 member companies from the electronic and high-tech industries. Through ISA, CERT/CC will provide companies that join the ISA with immediate access to advisories about information security risks and vulnerabilities. Those advisories were previously available immediately only to CERT/CC's government customers (the public sees them after a 45-day waiting period.)

Getting access to the sneak preview isn't free, however. The SEI is funded by several government agencies, and its charter does not permit it to do work in support of the private sector at the government's expense. Costs--including the hiring of additional personnel to support the alliance--will be funded through membership fees. Sponsor members of the ISA will pay $70,000 each year; other categories of membership will cost from $2,500 to $50,000 annually, depending on the company's size.

In addition to providing timely warnings of cyberthreats to members, ISA's goal is to develop a set of best practices that will ultimately become the basis of a seal program, says Dave McCurdy, the president of EIA and executive director of ISA. Details of the seal program, such as whether companies will pay to receive certification and be audited, have not yet been decided, says CERT/CC public relations coordinator Bill Pollak.

It makes sense for CERT and EIA to combine their efforts, says McCurdy, because CERT has been dealing with cybersecurity and software security for more than a decade, and EIA has a history of developing best practices and brings to CERT a means of access to industry leaders. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.