Following the release of the National Strategy to Secure Cyberspace, this public-private partnership was established to develop shared strategies and programs to better secure and enhance America's critical information infrastructure. Three of five task force reports are now available. The next two reports will be released in early April. The reports are: Awareness for Home Users and Small Businesses; Cyber Security Early Warning; Security Across the Software Development Lifecycle Task Force; Technical Standards and Common Criteria; Corporate Governance. From the most recent report: "Software security improvement requires: * Higher education to do a better job of teaching future software developers. * The software industry to make security an integral part of the design process. * Policymakers and others to create incentives that reward those who create secure software code. * The software industry to come together on a common method of managing the process of patching software when insecurities are discovered. Every accredited undergraduate computer science program should be required to have a mandatory course in computer security that includes a laboratory component. The Georgia Tech undergraduate curriculum, described at http://www.cs.gatech.edu/academics/undergraduate.html does not even mention the word 'security', let alone require a course in the subject. |