Cisco’s Global Certification Team (GCT) wants to wish Ms. Carol Houck well on her retirement from Director, NIAP/CCEVS (National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme) in the NSA/CSS Commercial Solutions Center (NCSC) at the National Security Agency (NSA). Ms. Houck leaves NIAP with a lasting legacy, defined by three words: consistent, repeatable, and testable. We very much appreciate her thought leadership by extending outreach to Industry to improve the public/private partnership and her deliberate collaboration with Industry to help shape the future of CC. Likewise, GCT would like to welcome Mr. Mark Loepker as the new Director of NIAP/CCEVS. Already Mr. Loepker’s impact has been felt as he strives to continue to improve the Common Criteria through the creation of Technical Communities and the development and adoption of Collaborative Protection Profiles.
The GCT looks forward to working with Mr. Loepker and NIAP/CCEVS to continue to cement Common Criteria as the global mutually recognized standard in security certifications.
In this age of emerging technologies and increasingly complex cyber threats, government and enterprise organizations of all types need to ensure that products they use meet key security criteria, are standards based, perform as expected and interoperate reliably with existing technology.
As these organizations adopt new emerging technologies in hopes of saving on infrastructure and maintenance costs, is this at the risk of security? Without the proper security mechanisms in place and validated, the results could be catastrophic.
Common Criteria is an international standard for evaluating IT product security and reliability, recognized by more than 26 countries around the world. Common Criteria is considered a mandatory requirement for purchasing network security products by many governments.
The 13th International Common Criteria Conference, this year being held in Paris from September 18-20, will bring together leaders from governments and organizations of all types from around the world.
The ICCC Conference offers certification/validation schemes, evaluation laboratories, product developers, system integrators and product users to exchange expertise, experiences and skills on the application of the Common Criteria and security for Information and Communication Technology [ICT] solutions, such as Cloud Computing.
Cisco will participate in speaking sessions at the conference focused on topics including Supply Chain Security, Architectural approaches to Technical Communities and Collaborative Protection Profiles, Cloud Security and Innovation.
Details on the speaking sessions presented by and in collaboration with Cisco are below:
Progress Report from the Supply Chain Security Technical Workgroup
Sept. 19 at 11:30 CET
Track 1 – Room B/Chagall + Van Dongen
Michael Grimm, senior program manager, Microsoft and Terrie Diaz, product certification engineer, Cisco
An Architectural Framework Approach in the Development of Technical Communities and Collaborative Protection Profiles
Sept. 19 at 11:30 CET
Track 2 – Room C/Soutine & Utrillo
Axel Munde, BSI
Dirk Jan Out, Brightsight
Jen Gilbert, lead, global certifications strategy and policy, Cisco
Cloud Security and Common Criteria
Sept. 19 at 14:30 CET
Track 3 – Room D/Picasso
Ashit Vora, manager, security assurance – FIPS/Common Criteria, Cisco
Innovation and the Common Criteria
Sept. 19 at 15:00 CET
Track 3 – Room D/Picasso
Audrey Plonk, Intel
Jen Gilbert, lead, global certifications strategy and policy, Cisco
Visit ICCC and Cisco Global Government Certifications for more information.
Tags: Cisco leadership, cloud security, Common Criteria, fips, global certification team, government product certifications, security assurance
The Common Criteria Users Forum (CCUF) Management Board is pleased to announce the CCUF-CCDB (Common Criteria Development Board) Workshop September 11th – 13th, 2012, as a preceding event to the International Common Criteria Conference (ICCC) in Paris, France.
As was done at the Tokyo workshop, the CCDB has invited active Industry participation in a Private + Public Partnership dialogue for the majority of the joint meetings. To allow for greater numbers to participate in interactive dialogue and directly with the CCDB, an extended closing meeting will be held between the CCUF and CCDB on Thursday at the Microsoft offices.
The Tuesday and Thursday sessions will be held at the Microsoft Office in Paris; Wednesday Cisco will be hosting workshop participants at their offices.
Wednesday will be composed of breakout topics amongst the CCUF participants, and will be held at the Cisco Office. The main topics for Tuesday and Thursday, which will be presented to the CCDB during the closing session on Thursday, are:
- Framework for coordination between Common Criteria technical communities
- Role of CCUF in the work of forming, supporting, and cross-fertilizing Common Criteria technical communities
- Taking forward the work on ‘innovation’
- How to efficiently, effectively, and fairly use the associated technical community to maintain the collaborative Protection Profile as new approaches are developed
The Cisco Global Certification Team (GCT) is looking forward to this opportunity to interact with our peers, be an active voice in the Common Criteria community, and work together to further this program as the global standard in security and assurance certifications. If you have any questions or comments on the CCUF-CCDB workshop, please contact Alicia Squires at firstname.lastname@example.org.
Tags: board, CCDB, CCUF, Common, Conference, criteria, Development, Forum, ICCC, International, users
I moved down to D’Iberville, MS February of 2005. A quaint up and coming starter community just North of Biloxi, MS. I remember, while working for the State Police, taking my lunch to the end of a pier that was near by our office, sitting on the edge and looking out over the water. I enjoyed the peace, especially since it wasn’t even two years ago before that I was in Afghanistan looking forward to holding my 6 month old daughter that I spent 5 days with before deploying. I found this pretty little 4/2 split plan home less than a mile “as the crow flies” from the beach that August. It was humble, but I knew it would be a good place to start my life over. I remember watching and listening about some storm that month out in the middle of no where, thinking to myself, “I better hurry and close on that house otherwise I will not be able to get Home Owners Insurance.” Well, my house luckily enough was not in a flood zone, it was the suckers across the street, so I didn’t need to pay the extra insurance at closing. I closed August 25, 2005. Looking back, it’s funny to think how I was barely able to get all of my belongings moved into the house before I had to board up and head for higher ground. Little did I know at the time that the one night I spent in the house would be the last night. I packed an over night bag, locked the door, and left.
Hurricane Katrina before landfall, Category 5
Intense Hurricane Katrina video of 28 feet of storm surge.
Hurricane Katrina made landfall on August 29, 2005 on the Mississippi Gulf Coast. She bolstered swells upwards of 30ft and reeked havoc throughout the Mississippi Coast Line with her devastation physically noticed over 160 miles inland to the heart of Mississippi, Jackson. She claimed nearly 1900 lives, displaced more than 700,000 people (more than the Dust Bowl Migration of the Great Depression) and cost our country nearly $125 Billion Dollars in property damage and insurance pay outs. To this day, there are still nearly 700 missing persons from that infamous day 7 years ago.
In Mississippi alone, over 200 lives were taken, 67 missing persons, and 5 still yet to be identified. Over 65,000 homes were destroyed, including one that sat at 10229 Cottage Court Cove, D’Iberville, MS 39540, my home. My neighborhood went under 15ft of water with about 7ft sitting inside my home before residing. I remember looking through the portal of the front door, seeing the damage, the water line, the mud, everything. I didn’t even unlock the door. I did what I knew to do: Report for duty.
I reported to the Emergency Operation Center in Gulfport, MS, linked up with the Director of the Mississippi Crime Laboratory, Sam Howell, and conducted Search and Recovery efforts with the Harrison County Coroner’s Office. Search and Rescue teams would identify remains and our team would recover those remains and transport them back to the “Reefer Trucks” (Refrigerated Tractor Trailers) parked outside one of the funeral homes in Gulfport, MS. We had recovery teams mobilized throughout the Gulf Coast. My area of responsibility was Biloxi, MS.
Conditions were terrible. I slept on a slab the first night across from the EOC. Our communications were non-existent, the only service provider available was Cell South, now called C-Spire. Our collaboration across the board with mobilized agency’s from law enforcement volunteers to the MS National Guard was decayed. It was analogue and archaic. There were next to no communications capabilities while we were deployed to our AOs. Each team had to be internally self sufficient, bringing everything we needed with us that morning. Response was slow, the people were restless, and resources were coming close to depleting. We weren’t ready.
Now it’s 2012. On the eve of the Anniversary of one of the most catastrophic natural disasters of our time, Hurricane Isaac will eerily make landfall on this momentous day 7 years later. At this point, as I listen to the News from the other room, Isaac has increased to a Category I. The Army National Guard has already mobilized, the Joint Information Center (JIC) was deployed two days ago and is set up for distribution D+1. The stage is set for one of the quickest responses that the state of Mississippi has to offer with every available hand poised and ready. I myself, a Nationally Registered EMT-B, am also ready to provide assistance if need be. Now, we are ready.
In the short time I have worked for Cisco, I have been part of an amazing team that has relentlessly worked to bring attention to Cisco’s technology in order to aid and assist First Responders so that they may seamlessly do what they do best: Serve. With Cisco’s TacOps team and NERV mobile command center those who respond will have at their finger tips what they need to provide assistance to the public.
Today, we are ready.
This was difficult for me to write and share. As you finish reading this, please give a moment of silence for those that Hurricane Katrina claimed and their families.
Tags: Cisco Tacops, disaster preparedness, disaster recovery, disaster response, Emergency Responder, government, natural disaster
The September 30 IPv6 deadline is quickly approaching and a number of government organizations are struggling to make the transition. According to a survey conducted by the National Institute of Standards and Technology (NIST), 99 percent of all federal websites aren’t supporting the next-gen Interned Protocol on their DNS, email and Web services.
We at Cisco understand the urgency and difficulty of this change, therefore have partnered with the Digital Government Institute to host a free one-hour webinar on August 30 (2 p.m. ET) that will give attendees the tools, as well as outline five steps, to help your agency move quickly toward compliance as the clock ticks down.
Attendees of the “5 Steps to Meet the September 30 IPv6 Deadline” webcast will learn:
- How to get your agency on the road to compliance
- Where to find agency help in the federal government
- How to get the best services from the GSA schedules
- About the Internet Engineering Task Force (IETF) IPv6 standards and how IPv6 has been integrated into a long list of USGv6 certified products
- How five federal agencies, including the Department of Veterans Affairs, have already made the transition
- Dale Geesey, Chief Operating Officer, Auspex Technologies (CISSP)
- Steve Pirzchalski, Director Enterprise Network Services, Department Veterans Affairs
- David Prall, Consulting Systems Engineer, Cisco
For more information on the transition to IPv6, visit http://www.cisco.com/web/strategy/us_government/ipv6.html.