After the recent onslaught of cyber attacks hitting corporate and public-sector websites, the federal government has devised a plan to protect small businesses from hackers, SCMagazineUS.com reports.
Released yesterday, the Common Weakness Risk Analysis Framework, developed by the Department of Homeland Security, MITRE Corp and SANS Institute, will help business owners evaluate which software vulnerabilities pose the greatest risk to their organization.
Security vendors, such as Fortify Software and Klocwork, have already said they will implement the scoring system into their future offerings, Bob Martin, MITRE’s program director, told SCMagazineUS.com.
The aim of the scoring system is to force software companies to be more straightforward with customers, which will result in the creation of more secure programs and better buying decisions, Alan Paller, director of research at SANS, told SCMagazineUS.com.
“You can measure the degree to which one software package is compared to another software package,” he said. “It changes the way people can buy stuff. They can say, ‘Before you give me any software, I’d like to see your score on this.’”