- Related Stories
-
Waiting for a digital Sept. 11
September 19, 2003 -
Bush names new 'CIO' of U.S. government
September 3, 2003 -
Bush unveils final cybersecurity plan
February 14, 2003 -
Security guide aims to lock up agencies
October 30, 2002 -
U.S. agencies flunking in tech security
November 9, 2001 -
Study: Government Web sites weak on privacy, security
September 12, 2000
The Department of Energy on Tuesday will show off a "model contract" it signed "that demonstrates a new way for government to purchase software with security built in, enabling and requiring vendors to take more responsibility for both delivering less vulnerable systems and keeping them that way," according to a press release from the Center for Internet Security (CIS).
CIS, a nonprofit in Hershey, Penn., that advises members on computer security, is assisting the government in its quest for intruder-proof software. The center is organizing Tuesday's meeting at the JW Marriott Hotel in Washington, D.C.
The government effort could lead to improvements in computer security for all consumers of information technology, said Alan Paller, research director at the SANS (SysAdmin, Audit, Network, Security) Institute. "The government is going to use its procurement power to change the way vendors deliver their software," he said.
The SANS Institute, an information security research and training firm, works closely with CIS.
If anyone has the power to persuade the software industry to get serious about security, it's the federal government and its $50 billion-plus annual IT budget, Paller said. And with the recent wave of crippling worm attacks, it's about time it exercised that power, he said.
Key to the initiative is Karen Evans, chief information officer of the Department of Energy, Paller said. Evans was recently appointed administrator of information technology and e-government at the U.S Office of Management and Budget, a job she's scheduled to start next month. In her new position, she'll have oversight of IT purchasing activities across all federal agencies.
Software maker Oracle also is involved and will be speaking at the event, Paller said. A recent Oracle deal will be held up as an example of the new kinds of contracts the government is inking with software companies, he said.
An Oracle representative refused to confirm its participation in the initiative.
The other federal agencies leading the initiative are the Department of Homeland Security, the National Security Agency, the Department of Defense, and the General Services Administration, CIS said. The center expects 120 chief information officers and security specialists from government and business at the briefing.
We must bring a crippling lawsuit against MicroSoft for making the Internet Explorer so vulnerable and easily hacked into. Windows itself is so wide open to attack it's not even funny. I realize this would eventually lead to a catastrophic meltdown of the global internet, but if the federal government really wants to solve the "real" problem---they must look to Bill Gates.