Cyber Security Industry Alliance Newsletter •  Volume 3, Number 12  • November 2007

New Information Security Initiatives Launched in October

CSIA Members Participate in New Efforts to Improve Cyber Security

Two significant initiatives that bring industry experts together to help improve the state of information security were announced in October – the Commission on Cyber Security for the 44th Presidency and the Software Assurance Forum for Excellence in Code (SAFECode).

Commission on Cyber Security for the 44th Presidency
CSIS logo

The Center for Strategic and International Studies (CSIS) established the Commission on Cyber Security for the 44th Presidency. The goal of the Commission is to identify a strategy and set of recommendations for the next administration to move ahead in order to help secure cyber space.

The Commission will examine existing plans and strategies to assess what a new administration should continue, what it should change, and what new policies should be adopted or new authorities sought from Congress. Issues for consideration will include infrastructure protection, software assurance, federal agency cyber security, and information security initiatives in both the public and private sectors.

The 31-member Commission, which includes former federal officials and industry leaders, plans to submit recommendations to the next president by December 2008. Co-chairmen of the commission are retired Admiral Bobby Inman, former director of the U.S. National Security Agency; Scott Charney, corporate vice president for trustworthy computing at Microsoft; and U.S. Representatives Jim Langevin (D-RI) and Michael McCaul (R-TX). Other members include Mary Ann Davidson of Oracle Corp., Ed Felten of Princeton University, Shannon Kellogg of EMC Corp., Paul Kurtz, former executive director of CSIA, Marcus Sachs of The SANS Institute and Michael Vatis, former head of the FBI's National Infrastructure Protection Center.

CSIS is a nonpartisan, nonprofit research center organization headquartered in Washington, D.C. Its focus is on security in a changing global environment. More information is available at www.csis.org.

SAFECode

A group of leading information and communications technology companies announced the formation of the Software Assurance Forum for Excellence in Code (SAFECode), a non-profit organization exclusively dedicated to increasing trust in information technology (IT) products and services through the advancement of proven software assurance methods.

Founded by EMC Corporation, Juniper Networks, Inc., Microsoft Corporation, SAP AG and Symantec Corp., SAFECode is the first global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services.

While individual companies have implemented effective methods for developing more secure and reliable technology products and services, there has been no coordinated, industry-led effort to build upon this positive work and promote best practices to advance software assurance more broadly. SAFECode fills this gap by bringing together subject matter experts to identify and share proven vendor software assurance practices, promote broader adoption of such practices into the cyber ecosystem, and work with governments and critical infrastructure providers to leverage vendor practices to manage enterprise risks.

Paul Kurtz, CSIA's former executive director and a partner at Good Harbor Consulting LLC, will serve as SAFECode's executive director. More information is available at www.safecode.org.