“Federal agencies, which have begun spending millions to upgrade
information security in response to a presidential directive, say
protecting computer networks will also mean finding ways to hold
software vendors accountable for the quality of their products.
John Gilligan, CIO of the U.S. Department of Energy, said users
have to ‘focus our attention’ on better defining the expectations
and enforcement of warranties for commercial software.
Vendors must ‘provide products that will either be free from
certain types of vulnerabilities or reliability problems or they
will have financial liability,’ said Gilligan, speaking today
at the U.S. Department of Commerce’s National Information Systems
Security Conference.”