[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [emergency] Cyber Security Alerts from US-CERT
The US CERT is a reconfiguration of the CMU/CERT cc--US government relationship. The formatting and architecture of cyber incident reporting has direct significance in view of the regulatory framework for industry-DHS incident information sharing, a process for which the ISACs have lead responsibility on behalf of critical infrastructure sectors, and for which Title II of the HSAct (Critical Infrastructure Information Act) and yet-to-be-finalized DHS regs have been developed with significant industry input. This context suggests to me the appropriateness of including these interests in any discussion of this issue in the TC Emergency venue. DHS NCSD has the lead in architecting the US CERT. Michael Aisenberg VeriSign/Washington D.C. -----Original Message----- From: Tom Merkle [mailto:TMerkle@capwin.org] Sent: Friday, February 06, 2004 11:18 AM To: R. Allen Wyke; TC Emergency Subject: RE: [emergency] Cyber Security Alerts from US-CERT Allen, I believe we should talk with them to ascertain whether to incorporate the CERT Alerts into CAP format. At some point in time CAP may need to be broken into a base and volumes configuration to support a varying intended audience. CERT is intended to notify the IT security groups and others interested in that particular type of information. With a separate volume changes may be made without impacting the base (core) or other volumes. This approach makes change management and risk & impact analysis much easier. Just some thoughts to mull over. Regards, Tom Merkle CapWIN: www.capwin.org Phone: (301) 614-3720 Cell Phone: (240) 375-1966 Fax: (301) 614-0581 e-mail: tmerkle@capwin.org CapWIN 6305 Ivy Lane Suite 300 Capital Office Park Greenbelt, MD 20770 -----Original Message----- From: R. Allen Wyke [mailto:emergency-tc@earthlink.net] Sent: Friday, February 06, 2004 11:07 AM To: TC Emergency Subject: [emergency] Cyber Security Alerts from US-CERT For those of you in the public sector, thoughts on approaching this group and making alerts available in CAP format? http://www.uscert.gov/cas/alerts/index.html Allen To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/emergency/members/leave_wor kgroup.php. To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/emergency/members/leave_workgro up.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]