Information Security Experts to Develop Uniform ``Best Practices''; Final Work Product to be Available On the Internet From ISC2.Business Editors FRAMINGHAM, Mass.--(BUSINESS WIRE)--Aug. 1, 2001 An international group of experts in the field of information security today announced the formation of a project to create Commonly Accepted Security Practices and Recommendations (CASPR CASPR Commonly Accepted Security Practices and Recommendations CASPR Central Arkansas Society for Paranormal Research ). For the first time, security standards will be developed to address the "best practices" needs of information security professionals across all industries. The group is comprised of members of the CISSP (Certified Information Systems Security Professional) The award for successful completion of an examination in computer security administered by the International Information Systems Security Certification Consortium (ISC)2. (Certified Information Systems Security Professional Certified Information Systems Security Professional (CISSP) is a vendor-neutral certification governed by the non-profit International Information Systems Security Certification Consortium (commonly known as (ISC)²). ) Forum, a 900-member constituent group of the International Information Systems Security Certification A certification issued by competent authority to indicate that a person has been investigated and is eligible for access to classified matter to the extent stated in the certification. Consortium (ISC (1) (Internet Systems Consortium, Redwood City, CA www.isc.org) An organization founded by Paul Vixie, Carl Malamud and Rick Adams in 1994 and later sponsored by UUNET and other Internet companies. )2, as well as other experienced security professionals. "The goal of CASPR is to take the world's leading professionals in information security and distill dis·till v. 1. To subject a substance to distillation. 2. To separate a distillate by distillation. 3. To increase the concentration of, separate, or purify a substance by distillation. their knowledge into a series of papers that are freely available on the Internet to the general public," said Bob Johnston
Donald William 'Bob' Johnston (born 14 May 1932, Hillsboro, Texas) is a noted American record producer, best known for his work with Bob Dylan, Johnny Cash, Leonard Cohen, Willie Nelson and many Nashville recording artists, as , a CISSP Forum member who is helping to spearhead the project. (ISC)2 awards the CISSP, considered the "gold standard" for information security credentials. There are approximately 5,000 CISSPs worldwide. "There is an enormous need for uniform best practices to be developed for information security in vertical industries," said James E. Duffy, CISSP, managing director of (ISC)2, based in Framingham. "This distinguished group of accomplished security professionals is the best assembly of experts to achieve this objective, and (ISC)2 strongly endorses this initiative." The CASPR initiative began in April with 35 participants and by mid-June had grown to more than 80. All participants are volunteers. To create the issue papers, working groups were formed to cover such subjects as UNIX UNIX Operating system for digital computers, developed by Ken Thompson of Bell Laboratories in 1969. It was initially designed for a single user (the name was a pun on the earlier operating system Multics). , physical security, incident handling, virtual private networks, cyber crime, certification and authentication, security awareness, metrics, firewalls and network intrusion detection systems to mention a few. The basic model will be based on (ISC)2's Common Body of Knowledge and will be reviewed by CISSP Forum members. Once posted on the (ISC)2 Web site, the final papers will be subjected to ongoing review and will be amended as new and better ideas are submitted. Approximately every six months, papers will be revised to include all appropriate addenda. "This fluid method of review and revision is the CASPR Project's answer to the continuously changing field of information security," Johnston said. Once a critical mass of issue papers has been developed and reviewed, the CASPR Project will pursue print publication. The first block of work is expected to be ready for publishing in Q4 2001. More information about the CASPR Project is available at www.caspr.org . Participation in the CASPR Project is open to anyone with the background and ability to make a contribution. To get involved, send an e-mail to: caspr-project-subscribe@yahoogroups.com. About (ISC)2 The International Information Systems Security Certification Consortium Inc. (ISC)2 is the premier organization dedicated to providing information security professionals and practitioners worldwide with the standard for professional certification. Since its inception in 1989, the not-for-profit organization has provided certification, training and has advocated the need for one industry wide security standard. (ISC)2 provides two forms of certification, the Certified Information Systems Security Professional (CISSP) and the Systems Security Certified Practitioner Systems Security Certified Practitioner (SSCP) is a vendor-neutral Information Security certification governed by the non-profit International Information Systems Security Certification Consortium (commonly known as ISC2). (SSCP (1) (System Services Control Point) A controlling program in an SNA domain. It resides in the host and is a component within VTAM. See also SCCP. ), both unique by requiring years of experience in their field. For more than 10 years (ISC)2 has certified thousands of security professionals in more than 40 countries. More information about (ISC)2 is available at www.isc2.org or by calling 508/875-8400. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion