FedCIRC Seeks Industry Input
Government group wants to establish common standards for exchanging information about network security incidents.
The Federal Computer Incident Response Center (FedCIRC) is seeking private industry participation to develop standards for exchanging information about network security breeches. FedCIRC is the central coordination and analysis facility dealing with computer security related issues affecting the civilian agencies and departments of the federal government.
FedCIRC's incident response and advisory activities bring together elements of the Department of Defense, law enforcement, intelligence community, academia and computer security specialists from federal civilian agencies and departments forming a a virtual security team.
The request for information (RFI by FedCIRC seeks private enterprise input for two standards under development: The Intrusion Detection Message Exchange Format and the Incident Object Description and Exchange Format. The RFI deadline for responses is due via e-mail by Feb. 28.
FedCIRC is currently working with the CERT Coordination Center (CERT/CC) on a project known as the Data Analysis Capability (DAC), which would allow FedCIRC access to government-wide incident reports for analysis and correlation.