A task force formed by the Department of Homeland Security is set to unveil a set of security recommendations this week for both enterprises and home users, but many industry observers say the guidelines are too little, too late.
The guidelines are the work of the Awareness for Home Users and Small Businesses task force, formed late last year by DHS and private industry at the National Cybersecurity Summit. The group and several others formed at the same event are designed to help foster better cooperation between government and industry and to tackle topics such as creating early warning systems, writing secure software and bolstering security in corporate governance.
The groups mainly comprise executives from security and software vendors such as Oracle Corp., Microsoft Corp., RSA Security Inc. and Internet Security Systems Inc., as well as government officials and security experts in academia.
"Everybody is quite irritated by the agendas being advanced by the vendors," said one executive involved in the process, who asked to remain anonymous. "IT security has always been driven by the vendors, and this is just more of the same. I've yet to see it ever being someone besides the vendors controlling the process. When is the government ever going to engage the actual practitioners?
http://www.eweek.com/article2/0,4149,1549935,00.asp?kc=EWRSS03119TX1K0000594