Printer Friendly
The Free Library
22,725,466 articles and books

Security and IT Industry Leaders Form Organization for Internet Safety; New Alliance Will Propose Best Practices for Handling Security Vulnerabilities.



Business/Technology Editors

BOSTON--(BUSINESS WIRE)--Sept. 26, 2002

The Organization for Internet Safety (OIS Noun 1. OIS - agency that oversees the intelligence relationships of the Treasury's offices and bureaus and provides a link between the Intelligence Community and officials responsible for international economic policy
Office of Intelligence Support
), a unique alliance of leading technology vendors, security researchers and consultancies, today announced its formation. The OIS was formed to propose and institutionalize in·sti·tu·tion·a·lize
v.
To place a person in the care of an institution, especially one providing care for the disabled or mentally ill.



in
 industry best practices for handling security vulnerabilities to ensure that security and technology vendors, and security researchers, can more effectively protect Internet users. Founding members of the OIS include @stake, BindView Corp., Caldera International, Inc. (The SCO Group), Foundstone, Guardent, Internet Security Systems, Inc., Microsoft Corp., Network Associates, Oracle Corporation, SGI (SGI, Sunnyvale, CA, www.sgi.com) A manufacturer of workstations and servers, founded in 1982 by Jim Clark. The company was founded as Silicon Graphics, Inc., but changed to its acronym in 1999.  and Symantec.

Currently, there are no widely accepted industry best practices for reporting and managing security vulnerabilities. The absence of common processes and best practices can make it extremely difficult for security researchers and vendors to efficiently resolve security issues and keep Internet users and security professionals informed and armed with the most up-to-date security tools. The OIS is founded on the principle that standardized, widely-accepted processes will allow security vulnerabilities to be handled in a way that reduces the dangers they pose and will help security vendors and researchers to more effectively protect Internet users and critical infrastructures.

OIS is actively working to develop guidelines for handling vulnerability information that will be useful for security researchers and technology vendors alike. The organization expects to release drafts of the standards in early 2003.

As part of the OIS, an Advisory Board is being formed that will consist of global network security managers, who can provide unique insight into the needs of computer users and infrastructure providers. The Advisory Board will work with the OIS to validate processes that the group develops. Advisory Board members will be nominated and approved by OIS members and will serve for one year. OIS expects to begin announcing Advisory Board members in early 2003.

"It's increasingly critical - to our critical infrastructure as well as to individual computer users - that security vulnerabilities be avoided when developing software, but where they occur they need to be found and eliminated as effectively as possible," said John Pescatore, Vice President for Internet Security at Gartner, Inc. "Industry-consensus processes are a needed step toward making this happen."

The OIS held its first official meeting at the RSA Conference 2002 in San Jose, Calif., in February. The group has completed its charter and bylaws The rules and regulations enacted by an association or a corporation to provide a framework for its operation and management.

Bylaws may specify the qualifications, rights, and liabilities of membership, and the powers, duties, and grounds for the dissolution of an
, and is now working to prepare draft standards for vulnerability reporting. These standards will undergo public review before being finalized.

About the Organization for Internet Safety

The Organization for Internet Safety (OIS) is a unique alliance between leading technology vendors, security researchers and consultancies working to propose and institutionalize industry best practices for handling security vulnerabilities. The OIS was founded in September 2002 on the principle that standardized, widely-accepted processes will allow security vulnerabilities to be handled in a way that reduces the dangers they pose and will help security vendors and researchers to more effectively protect Internet users and critical infrastructures. Founding members of the OIS include @stake, BindView Corp. (Nasdaq: BVEW BVEW Binary View ), Caldera International, Inc. (The SCO Group) (Nasdaq: SCOX), Foundstone, Guardent, Internet Security Systems, Inc. (Nasdaq: ISSX ISSX Internet Security Systems Inc. (stock abbreviation, AMEX) ), Microsoft Corp. (Nasdaq: MSFT MSFT Microsoft (stock symbol)
MSFT Movimento Sociale Fiamma Tricolore (Italy)
MSFT Multi-Stage Fitness Test
MSFT Master of Science in Family Therapy
MSFT Macalester Students for Fair Trade
), Network Associates (NYSE NYSE

See: New York Stock Exchange
: NET), Oracle Corporation (Nasdaq: ORCL ORCL Oracle (stock symbol) ), SGI (NYSE: SGI) and Symantec (Nasdaq: SYMC SYMC Symantec Corporation (stock symbol) ).
COPYRIGHT 2002 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2002, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Publication:Business Wire
Date:Sep 26, 2002
Words:530
Previous Article:EDT Learning Partners With Playback Media.
Next Article:ADVISORY/Content Management Expert from Percussion Software Presenting at Internet World 2002.



Related Articles
Organization for Internet Safety Issues Public Comment Draft for Security Vulnerability Reporting and Response Guide.
ADVISORY/@stake's Chris Wysopal to Testify at U.S. House of Representatives Hearing on Worm and Virus Defense.
REMINDER/@stake's Chris Wysopal to Testify at U.S. House of Representatives Hearing on Worm and Virus Defense.
An ergonomics guideline furnituremakers can use: Gary Barger, corporate safety director of Broyhill Furniture Industries Inc., discusses the...
National Cyber Security Summit Alliance Releases Work Plan; BSA, ITAA, TechNet and U.S. Chamber of Commerce Lead Industry Effort.
Policies with a purpose: ensuring business continuity.
Organization for Internet Safety Issues First Annual Public Comment Draft for Security Vulnerability Reporting and Response Guide.
Symantec Supports National Cyber Security Alliance Awareness Efforts; Symantec Engages In October Cyber Security Awareness Month and PSA Campaign.
LogicLibrary Adopts the Organization for Internet Safety's Software Security Framework.
IBM Internet Security Systems shields customers from critical Microsoft vulnerabilities.

Terms of use | Copyright © 2014 Farlex, Inc. | Feedback | For webmasters