12월 18, 2024 | US
BSA Encourages Alignment of CISA Bad Practices Guide With Other Software Security Efforts
Inside Cybersecurity
By Jacob Livesay
The Cybersecurity and Infrastructure Security Agency should take steps to align its product security bad practices guidance with other federal software policy initiatives including the self-attestation form and National Institute of Standards and Technology guidance, according to BSA | The Software Alliance.
“The document includes resources, but it remains unclear how the authoring organizations understand the practices in the document within the context of the National Institute of Standards and Technology (NIST) Secure Software Development Framework, or the Secure Software Attestation Form,” BSA says in a filing submitted to CISA on Monday.
CISA on Oct. 16 published guidance with the FBI on “risky” practices that tech manufacturers should avoid in the development process, with a particular focus on securing products used in critical infrastructure or national critical functions. The comment period closed on Dec. 16.
Original Posting: https://insidecybersecurity.com/daily-news/bsa-seeks-details-alignment-cisa-bad-practices-guide-other-software-security-efforts
BSA 소개
소프트웨어 연합(Business Software Alliance, 이하 BSA)(www.bsa.org)은 각국 정부를 대상으로 세계 시장에서 전 세계 소프트웨어 업계를 대변하고 옹호하는 선도적 연합체입니다. 세계의 가장 혁신적 기업들이 회원사로 참여하며 경제에 활기를 불어 넣고 현대의 생활을 향상시키는 소프트웨어 솔루션을 만들어 내고 있습니다.