LM, SANS launch cybersecurity plan

May 1, 2008 at 1:43 PM
share with facebook
share with twitter
Sign up for our Security newsletter

GAITHERSBURG, Md., May 1 (UPI) -- Lockheed Martin said this week it had joined forces with the SANS Institute to fight cybersecurity threats.

"Through a new certification program and training initiatives, Lockheed Martin developers will be given new skills to further enhance the security of the code they write," the company said in a statement Monday.

Lockheed Martin said the new cooperation program would allow the company to check out the secure coding skills of 75 programmers, give them experience to boost their capabilities and then provide accreditation for them after putting them through a stiff examination.

The company said that depending on the initial outcomes it would monitor, it might consider widening the project to more widely equip staff.

"We are pleased to see Lockheed Martin adopt the GSSP certification and become the first systems integrator to provide its customers with assurance that the people building applications actually understand how to write secure code," said Alan Paller, director of Research, SANS Institute.

"Using industry standard certification for secure application development is essential to delivering secure solutions to customers," he said.

Lockheed Martin said the new Global Information Assurance Certification -- GIAC -- Secure Software Programmer -- GSSP -- would be organized and run by the SANS Institute.

The company said the exams would be designed to calibrate programmers' levels of expertise in working on secure systems as produced by the Secure Programming Council, a global consortium of individuals and organizations. The SANS tests would apply problems created through the use of real code examples using Java, C and .NET, the company said.

"Lockheed Martin integrates all aspects of information assurance into every solution it delivers and continues to invest in proactive security measures," said Eric Cole, Senior Cyber Security Fellow, Lockheed Martin IS&GS. "We are committed to improving secure software development practices and are certifying our employees who are working in the area of cyber security on customer programs," he continued.

Lockheed Martin noted that a Carnegie Mellon study had concluded that as much as 90 percent of reported security incidents were caused by taking advantage of defects in software code or design.

Related UPI Stories
Trending Stories