DEZ. 18, 2024 | US
BSA Encourages Alignment of CISA Bad Practices Guide With Other Software Security Efforts
Inside Cybersecurity
By Jacob Livesay
The Cybersecurity and Infrastructure Security Agency should take steps to align its product security bad practices guidance with other federal software policy initiatives including the self-attestation form and National Institute of Standards and Technology guidance, according to BSA | The Software Alliance.
“The document includes resources, but it remains unclear how the authoring organizations understand the practices in the document within the context of the National Institute of Standards and Technology (NIST) Secure Software Development Framework, or the Secure Software Attestation Form,” BSA says in a filing submitted to CISA on Monday.
CISA on Oct. 16 published guidance with the FBI on “risky” practices that tech manufacturers should avoid in the development process, with a particular focus on securing products used in critical infrastructure or national critical functions. The comment period closed on Dec. 16.
Original Posting: https://insidecybersecurity.com/daily-news/bsa-seeks-details-alignment-cisa-bad-practices-guide-other-software-security-efforts
ÜBER BSA
Die Business Software Alliance (www.bsa.org) ist die globale Stimme der Software-Industrie gegenüber Politik und Wirtschaft. Die Mitglieder der BSA gehören zu den innovativsten Unternehmen weltweit und erarbeiten neue Software-Lösungen, die die Wirtschaft antreiben und das moderne Leben von heute prägen.