ISVS Seek Federal Security Help | eWeek

ISVS Seek Federal Security Help

Verfasst von
Dennis Fisher
Dennis Fisher
Apr 5, 2004
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

After years of imploring government officials to stay out of their way, some security industry executives have reversed their position and are asking for Washingtons input to improve software quality and network security. How serious they would be about following government suggestions or rules, however, is in doubt, experts say.

The accession is part of a massive set of recommendations released last week by an organization called Improving Security Across the Software Development Lifecycle, a group of industry executives and security experts from government agencies and academia that reports to the NCSP (National Cyber Security Partnership).

One of the key recommendations is that the Department of Homeland Security “examine whether tailored government action is necessary to increase security across the software development life cycle.” However, this request is at odds with the position many in the industry—including some of the groups key members—have taken for years.

Software providers such as Microsoft Corp., Oracle Corp. and others have maintained that there is no way to legislate security and that the government lacks the technical expertise to understand the problems.

“These vendors have no clothes on this topic,” said Alan Paller, director of research at The SANS Institute, in Bethesda, Md. “They ask for government direction only after everything else has failed.”

For enterprises, the task forces recommendations will likely have little short-term effect. But in the long run, better-trained developers should produce better software with fewer vulnerabilities, leading to more secure networks.

The software development report is the third to come out of the NCSP. Two other reports are due later this spring. Among the other recommendations in the report is a call for more specific funding of computer security education and research efforts at the undergraduate and graduate levels. It also calls for the tracking and certifying of effective secure coding processes developed by ISVs or other organizations.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.