Management
Technology
- Applications
- Business Intelligence
- Development
- Hardware
- Mobile & Wireless
- Networking
- Internet
- Operating Systems
- Security Products
- Servers & Datacentre
- Storage
Toolbox
Training
Books
White Papers
Webcast
Resource Centre
October 24, 2007
RSA 2007: Software firms to share security best practice
SAFECode is first industry-led shared security effort
By Siobhan Chapman
Software firms including Microsoft, EMC, SAP, Juniper and Symantec are establishing a forum to best practice in product and services development with governments and academics, in an effort to boost the security of the wider IT infrastructure.
Advert
Announcing the move at the RSA Security conference in London, they said the talking shop would be called the Software Assurance Forum for Excellence in Code (SAFECode). It will exchange data on security threats and try to formulate new ways to build secure code.
The founders, who will each make an annual £25,000 investment in the initiative, claim SAFECode is the first global, industry-led push to identify and share best practices for software, hardware and services development.
SAFECode will be headed by security expert Paul Kurtz, currently a partner at Good Harbour Consulting, who has also served in senior positions on the White House’s National Security and Homeland Security Councils and was a founding executive director at the Cyber Security Industry Alliance.
"It’s not a standards body or a lobbying organisation. By promoting the individual best practices of firms we get the greatest chance to improve overall best practices,” said Kurtz. While individual vendors have developed effective methods for developing and delivering more secure and reliable software, most have worked in isolation.
The technology heavyweights are calling on other vendors to join the non-profit organisation, as well as governments and critical infrastructure providers.
The organisation will form three groups, with one technical in nature, one that will deal with issues of public policy, and one that will work alongside advisory groups for government, academia and critical infrastructure providers.
On the question of whether the open source community would be able to join, Kurtz said: “Anyone is welcome to work with us. There are security concerns in the open source world too.”
Follow highlights from ComputerworldUK on Twitter
Sign up for our Daily Newsletter
The UK IT News widget Get it for your site!
« prev article | more security news | next article »
Advert
Email this article to a friend or colleague:
PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.
- This article is now being printed.
What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.
Click below to add 'RSA 2007: Software firms to share security best practice - Data control & Intellectual Property - ComputerworldUK' to your blog.
If you do not have a ComputerworldUK Account and would like to use this feature, please Register.
If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.
Advert
Newsletters
Your daily injection of CW news and expert analysis: we’ll bring the news to you.
WHITE PAPERS
-
Legal risks: Employee use of the internet and email
Exploring the challenges facing IT Mangers today and vital steps to ensure safe internet an email use by employees. -
Phishing for victims
This White Paper examines the phenomenon of phishing. It explains the potentially catastrophic threat it presents to all kinds of organisation. Exploding some widespread myths, it lights up the murky waters where phishing first emerged and where it continues to evolve. But it also highlights what your business can do to blunt the threat.
