Task force issues more cybersecurity goals

IT vendors should improve default security settings in their products, a committee of the National Cyber Security Partnership Task Force (NCSP) said in a set of recommendations it has released on technical standards. The NCSP's Technical Standards and Common Criteria committee released its cybersecurity recommendations Monday, with the group of academics, government officials, IT vendors and customers asking vendors to provide stronger "out-of-the-box" security configurations and to support at least one configuration profile that provides a baseline security level.

The 104-page committee report, available at http://www.cyberpartnership.org/TF4TechReport.pdf, is intended to put more pressure on vendors about default security settings and raise awareness about best practices and security audits, said Mary Ann Davidson, chief security officer at Oracle Corp., and cochairwoman of the committee. The committee is hoping to move the debate away from advice that vendors may or may not choose to follow, she said.

Read Full Story