A group of high-level IT officials in the federal government has begun collaborating on configuration benchmarks that government agencies could be required to use in future purchases of hardware and software. The development of the benchmarks is at once an indication of the growing importance of security in Washington and of the government's intention to use its purchasing power as an agent of change inside the Beltway and in the vendor community.
"Yes, I believe the government is getting better at this," said Alan Paller, research director at The SANS Institute, based in Bethesda, Md., who has spoken with many of the federal CIOs involved in this effort. "This doesn't solve the entire problem, but it helps going forward. I believe a great deal of money was thrown away on reports that could've been spent on solving the problem."
The link for this article located at EWeek is no longer available.
