OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

emergency message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [emergency] Cyber Security Alerts from US-CERT

The US CERT is a reconfiguration of the CMU/CERT cc--US government
relationship.

The formatting and architecture of cyber incident reporting has direct
significance 
in view of the regulatory framework for industry-DHS incident information
sharing,
a process for which the ISACs have lead responsibility on behalf of critical
infrastructure
sectors, and for which Title II of the HSAct (Critical Infrastructure
Information Act) and yet-to-be-finalized DHS regs have been developed with
significant industry input.

This context suggests to me the appropriateness of including these interests
in any
discussion of this issue in the TC Emergency venue.

DHS NCSD has the lead in architecting the US CERT.

Michael Aisenberg
VeriSign/Washington D.C.

-----Original Message-----
From: Tom Merkle [mailto:TMerkle@capwin.org] 
Sent: Friday, February 06, 2004 11:18 AM
To: R. Allen Wyke; TC Emergency
Subject: RE: [emergency] Cyber Security Alerts from US-CERT

 Allen,
I believe we should talk with them to ascertain whether to incorporate
the CERT Alerts into CAP format. 

At some point in time CAP may need to be broken into a base and volumes
configuration to support a varying intended audience. CERT is intended
to notify the IT security groups and others interested in that
particular type of information. With a separate volume changes may be
made without impacting the base (core) or other volumes. This approach
makes change management and risk & impact analysis much easier. Just
some thoughts to mull over.


Regards,
 
Tom Merkle
 
CapWIN:        www.capwin.org 
Phone:        (301) 614-3720
Cell Phone:   (240) 375-1966
Fax:          (301) 614-0581
e-mail:        tmerkle@capwin.org
 
CapWIN
6305 Ivy Lane Suite 300
Capital Office Park
Greenbelt, MD 20770

-----Original Message-----
From: R. Allen Wyke [mailto:emergency-tc@earthlink.net] 
Sent: Friday, February 06, 2004 11:07 AM
To: TC Emergency
Subject: [emergency] Cyber Security Alerts from US-CERT

For those of you in the public sector, thoughts on approaching this
group and making alerts available in CAP format?

http://www.uscert.gov/cas/alerts/index.html

Allen


To unsubscribe from this mailing list (and be removed from the roster of
the OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/emergency/members/leave_wor
kgroup.php.


To unsubscribe from this mailing list (and be removed from the roster of the
OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/emergency/members/leave_workgro
up.php.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]