NSA starts referral service

The National Security Agency has developed an evaluation program for government and industry organizations seeking to improve the security of their information technology systems and networks.

Called the Infosec Assessment Training and Rating Program, it will connect organizations in need of IT vulnerability assessments with companies qualified to perform them within the program guidelines and standards.

Seven companies agreed to have their security vulnerability services appraised against the NSA's information security assessment capability maturity model. These companies perform assessments using either the NSA-developed methodology or one that is similar.

The participating companies include: Backbone Security.com, Sudbury, Mass.; Booz-Allen Hamilton Inc., McLean, Va.; Computer Sciences Corp., El Segundo, Calif.; Electronic Data Systems Corp., Plano, Texas; Lucent Technologies Inc., Murray Hill, N.J.; SRA International Inc., Fairfax, Va.; TrustWave Corp., Annapolis, Md.