DIC 18, 2024 | US
BSA Encourages Alignment of CISA Bad Practices Guide With Other Software Security Efforts
Inside Cybersecurity
By Jacob Livesay
The Cybersecurity and Infrastructure Security Agency should take steps to align its product security bad practices guidance with other federal software policy initiatives including the self-attestation form and National Institute of Standards and Technology guidance, according to BSA | The Software Alliance.
“The document includes resources, but it remains unclear how the authoring organizations understand the practices in the document within the context of the National Institute of Standards and Technology (NIST) Secure Software Development Framework, or the Secure Software Attestation Form,” BSA says in a filing submitted to CISA on Monday.
CISA on Oct. 16 published guidance with the FBI on “risky” practices that tech manufacturers should avoid in the development process, with a particular focus on securing products used in critical infrastructure or national critical functions. The comment period closed on Dec. 16.
Original Posting: https://insidecybersecurity.com/daily-news/bsa-seeks-details-alignment-cisa-bad-practices-guide-other-software-security-efforts
ACERCA DE BSA
El Business Software Alliance (www.bsa.org) es el principal defensor de la industria global del software ante los gobiernos y en el mercado internacional. Sus miembros se encuentran entre las compañías más innovadoras del mundo, creando soluciones de software que impulsan la economía y mejoran la vida moderna.