Forwarded From: "Spencer, Will" <wspencer@DMWGroup.com>
Security Initiative Launched to Aid Industry Leaders and Protection of
Nation's Critical Infrastructure
ATLANTA AND STAMFORD, CONN. (Oct. 19) BUSINESS WIRE -Oct. 19, 1998--
Project Spotlight to be the First Full Scale, Quantitative Information
Security Risk Study Threats surrounding modern information systems are
growing at an astounding rate. Culprits range from unskilled disgruntled
employees looking for revenge to well-organized external organizations
employing sophisticated structured attacks for industrial espionage. These
information security concerns were a driving force behind the formation of
the United States President's Commission on Critical Infrastructure
Protection. In its initial findings the Commission stated, "The capability
to do harm - particularly through information networks - is real; it is
growing at an alarming rate; and we have little defense against it."
Commission findings point to the need for a higher level of information
sharing to better understand the proactive steps government agencies and
corporate America need to take to effectively secure networked
information.
Project Spotlight, a new outreach program that directly addresses these
concerns, is the country's first formal initiative designed to educate
both private and public sectors on the current status of information
security. By generating the first quantitative data on information
security threats and weaknesses, Project Spotlight will provide a critical
baseline designed to become an industry standard for security practices.
The Project will also present the specific processes and technology
necessary for ongoing information protection of our nation's
infrastructure.
Project Spotlight founders, who are leading-edge companies making unique
contributions in the area of information security, include: Client/Server
Labs, the premier enterprise-wide IT testing lab; Internet Security
Systems (ISS), the leading provider of adaptive network security
technology that automatically detects and responds to security risks; and
META Group, a leading IT research and analysis services firm. Also
participating in Project Spotlight is the law firm of King & Spalding
represented by Senator Sam Nunn, a key advisor to the President's
Committee on Critical Infrastructure Protection.
"Project Spotlight is a pioneering effort to gather critical quantitative
data that will deliver an increased level of knowledge regarding security
threats and effective countermeasures," said Sam Nunn, former Senator and
recent co- chairman of the Advisory Committee to the President's
Commission on Critical Infrastructure Protection. "The Project's
commitment to furthering education in the information security arena will
enable organizations to actively protect their enterprise systems through
heightened awareness of security issues and proven risk management methods
and solutions."
Project Spotlight will involve a select group of Fortune 500 and Global
2000 companies. The Project Spotlight team will install leading-edge
security assessment and intrusion detection software and gather and
analyze otherwise undetected security vulnerability and threat data.
In-depth analysis and subsequent reports will provide insight into the
vulnerability exposure and threat activity present in the information
systems of Spotlight participants and will provide critical trends and
conclusions based on this quantitative data to the industry-at-large.
"One of the American Electronics Association's charters is to influence
Public Policy," stated AEA -Southeast Executive Director Betty Gray-Rose.
"In that regard, we feel Project Spotlight and its' goal of educating both
the public and private sectors on the current status of information
security is extremely important. Additionally, for our member companies
the information they will receive regarding their own information system
security vulnerabilities and threats, will be invaluable."
Specifically, Project Spotlight will provide participants with the
following: - - Actual threat and vulnerability data by industry -- this
information will be evaluated to determine the potential impact to
corporate information systems and networks -- Specific vulnerability data
delivered in a timely fashion -- enabling participants to implement
corrective measures during the project -- A baseline vulnerability and
threat database organized by industry -- designed to measure internal
improvement and perform external trend analysis; -- Qualitative and
quantitative statistical analysis -- a basis for prioritizing and building
the business case for future security technology investments; to protect
both the nation's infrastructure, as well as corporate America -- A
comprehensive vulnerability and threat report -- comparing the
participant's security posture with that of other corporations and other
industries.
For general information about Project Spotlight or for information on how
to become involved in the program, contact META Group at (800) 945-META or
Client/Server Labs at (770) 552-3645 or visit the Project Spotlight web
site at http://www.iss.net/spotlight. About Project Spotlight Founders
Client/Server Labs (CSL), the world's leading independent IT testing lab,
is a source for comprehensive, mission critical life cycle testing.
Unbiased and non- vendor managed, CSL is a "Primary Test Lab Partner" for
Computerworld and ENT Magazine and has served as a contributor to CIO,
Internet World, and Network World. Headquartered in Atlanta, CSL is a
certified tester of the Notesbench benchmark and a Testing Partner with
Mercury Interactive, Netcom Systems and Segue Software. CSL's custom tests
include software and hardware compatibility, capacity/load performance
measurement, functionality and customer software evaluations, in addition
to numerous industry standard benchmarks. For details, connect with
www.cslinc.com.
Internet Security Systems (ISS) (NASDAQ: ISSX) is the pioneer and leading
provider of adaptive network security delivering enterprise-wide
information protection solutions. ISS' award-winning SAFEsuite family of
products manages security risks and enhances end user confidence in
intranet, extranet and electronic commerce environments. By combining
proactive vulnerability detection with real-time intrusion detection and
response, ISS' adaptive network security system creates a flexible cycle
of continuous security improvement, including policy implementation and
enforcement. This comprehensive approach to network security strengthens
the security of existing systems and has dramatically improved the
security posture for organizations worldwide, making ISS a critical,
trusted security advisor for firms in the Global 2000, 9 of the ten
largest U.S. commercial banks and over 35 governmental agencies. For more
information, call ISS at 678-443-6000 or 800- 776-2362 or visit the ISS
web site at www.iss.net.
King & Spalding is a leading national law firm that provides a wide range
of legal services to a diverse and sophisticated client base. In the IT
area, the Firm's I-Tech Practice Group, led by King & Spalding partner and
former United States Attorney, Kent Alexander, employs an integrated team
approach to furnish high quality, full-service legal services to
technology companies and other companies in need of IT-related advice.
Among the group's areas of focus are computer security and liability
issues. King & Spalding partner, Sam Nunn brings unique experience to the
I-Tech Practice. As a United States Senator for 24 years, he has earned a
reputation as one the nation's leading experts on computer security issues
and is a recent co-chairman of the Advisory Committee to the President's
Commission on Critical Infrastructure Protection. For more information
about King & Spalding's I-Tech Practice Group, please visit
http://www.kslaw.com/itech.com.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Tue Oct 20 09:04:00 1998